{"id":8579,"name":"langsmith","ecosystem":"npm","repository_url":"https://github.com/langchain-ai/langsmith-sdk","issues_count":368,"created_at":"2025-06-06T22:24:46.834Z","updated_at":"2025-06-06T22:24:46.834Z","purl":"pkg:npm/langsmith","metadata":{"id":7856007,"name":"langsmith","ecosystem":"npm","description":"Client library to connect to the LangSmith LLM Tracing and Evaluation Platform.","homepage":"https://github.com/langchain-ai/langsmith-sdk#readme","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/langchain-ai/langsmith-sdk","keywords_array":["LLM","Tracing","Evaluation","LangChain"],"namespace":null,"versions_count":265,"first_release_published_at":"2023-06-26T22:00:11.934Z","latest_release_published_at":"2025-06-02T20:34:06.982Z","latest_release_number":"0.3.30","last_synced_at":"2025-06-05T06:45:53.380Z","created_at":"2023-06-26T22:04:01.223Z","updated_at":"2025-06-05T06:45:53.380Z","registry_url":"https://www.npmjs.com/package/langsmith","install_command":"npm install langsmith","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"rc":"0.1.60-rc1","tag-for-publishing-older-releases":"0.1.68","next":"0.3.29-rc.0","latest":"0.3.30"}},"repo_metadata":{"id":176374085,"uuid":"647427819","full_name":"langchain-ai/langsmith-sdk","owner":"langchain-ai","description":"LangSmith Client SDK Implementations","archived":false,"fork":false,"pushed_at":"2024-09-01T07:09:20.000Z","size":3519,"stargazers_count":371,"open_issues_count":90,"forks_count":67,"subscribers_count":8,"default_branch":"main","last_synced_at":"2024-09-02T11:30:54.604Z","etag":null,"topics":["evaluation","language-model","observability"],"latest_commit_sha":null,"homepage":"https://smith.langchain.com/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/langchain-ai.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-30T19:03:00.000Z","updated_at":"2024-08-31T05:04:40.000Z","dependencies_parsed_at":null,"dependency_job_id":"c7030b66-a3a5-45a1-b013-f38af4b04238","html_url":"https://github.com/langchain-ai/langsmith-sdk","commit_stats":{"total_commits":984,"total_committers":33,"mean_commits":"29.818181818181817","dds":0.6168699186991871,"last_synced_commit":"cb7fcf0220ccc39abe10183674108bdd14072d4b"},"previous_names":["langchain-ai/langchainplus-sdk"],"tags_count":200,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/langchain-ai","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":217594248,"owners_count":16201657,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"langchain-ai","name":"langchain-ai","uuid":"126733545","kind":"organization","description":null,"email":null,"website":null,"location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/126733545?v=4","repositories_count":1,"last_synced_at":"2023-04-09T06:22:23.488Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/langchain-ai","funding_links":[],"total_stars":null,"followers":null,"following":null,"created_at":"2023-04-09T06:22:23.489Z","updated_at":"2023-04-09T06:22:23.489Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/langchain-ai","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/langchain-ai/repositories"},"tags":[{"name":"v0.1.108","sha":"cb7fcf0220ccc39abe10183674108bdd14072d4b","kind":"commit","published_at":"2024-08-31T05:04:36.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.108","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.108","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.108","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.108/manifests"},{"name":"v0.1.107","sha":"0e1c328960f3de2799771b89b2861a9c7212978e","kind":"commit","published_at":"2024-08-29T20:37:17.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.107","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.107","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.107","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.107/manifests"},{"name":"v0.1.106","sha":"fab1c225903c32f989bd6649dca8e240b80d30f1","kind":"commit","published_at":"2024-08-27T22:24:52.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.106","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.106","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.106","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.106/manifests"},{"name":"v0.1.105","sha":"c1de3732b34e4d866bdcc5a51bb3eb51f143586f","kind":"commit","published_at":"2024-08-27T13:52:01.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.105","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.105","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.105","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.105/manifests"},{"name":"v0.1.104","sha":"8f4303d3bb7113a2059954f016bd3ec45e44ae82","kind":"commit","published_at":"2024-08-23T02:02:40.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.104","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.104","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.104","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.104/manifests"},{"name":"v0.1.103","sha":"b846a4c9cedb51f14b2338e04327b9b416c08765","kind":"commit","published_at":"2024-08-22T20:56:24.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.103","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.103","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.103","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.103/manifests"},{"name":"v0.1.102","sha":"15b7ea68e3a097f23116c9ea8257ca3798d66a7f","kind":"commit","published_at":"2024-08-22T17:22:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.102","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.102","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.102","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.102/manifests"},{"name":"v0.1.101","sha":"9a31d2806bca755481c279b10241045e0800882d","kind":"commit","published_at":"2024-08-21T15:24:03.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.101","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.101","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.101","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.101/manifests"},{"name":"v0.1.100","sha":"f66be6f92e7ecfaac50012da64d44f717d385263","kind":"commit","published_at":"2024-08-20T17:41:13.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.100","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.100","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.100","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.100/manifests"},{"name":"v0.1.99","sha":"d7222934de84f749d068589da8918ae83d56bf68","kind":"commit","published_at":"2024-08-11T19:13:42.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.99","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.99","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.99","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.99/manifests"},{"name":"v0.1.98","sha":"01d5622b88d16104d28de6908e6d93e65d392bd3","kind":"commit","published_at":"2024-08-06T05:34:00.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.98","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.98","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.98","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.98/manifests"},{"name":"v0.1.97","sha":"0badaa0ceaea0c0f96ab11eb68b9a7de4f5fc336","kind":"commit","published_at":"2024-08-06T01:01:04.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.97","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.97","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.97","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.97/manifests"},{"name":"v0.1.96","sha":"ee4a1be42d47fddb34fc18f7f31752390daa0875","kind":"commit","published_at":"2024-08-02T01:05:30.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.96","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.96","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.96","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.96/manifests"},{"name":"v0.1.95","sha":"459ba740dc8e01010299ec60559d3dfd4a48588e","kind":"commit","published_at":"2024-08-01T22:44:22.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.95","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.95","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.95","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.95/manifests"},{"name":"v0.1.94","sha":"546a36f4ae283d43df4ca7b0590eda5ba12206b0","kind":"commit","published_at":"2024-07-30T12:09:53.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.94","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.94","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.94","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.94/manifests"},{"name":"v0.1.93","sha":"0afc018ed5b4473b93ca0467b29fe64c908e0e87","kind":"commit","published_at":"2024-07-20T01:34:05.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.93","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.93","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.93","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.93/manifests"},{"name":"v0.1.92","sha":"5cd607b2a23bf2ceed15ff94e1ed309ce6a4c39b","kind":"commit","published_at":"2024-07-18T21:35:48.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.92","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.92","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.92","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.92/manifests"},{"name":"v0.1.91","sha":"fa06b91b697ac19eeda2254d432eb9773ca8a570","kind":"commit","published_at":"2024-07-18T20:06:26.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.91","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.91","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.91","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.91/manifests"},{"name":"v0.1.90","sha":"02a60d7e0cad6bc66fa4cdeb0fffd5e3f3042ca0","kind":"commit","published_at":"2024-07-17T23:42:56.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.90","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.90","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.90","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.90/manifests"},{"name":"v0.1.89","sha":"4147a60a757ca71b8d046906cc65628e2b90a917","kind":"commit","published_at":"2024-07-17T21:12:06.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.89","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.89","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.89","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.89/manifests"},{"name":"v0.1.88","sha":"158b9991dc40ec3621c780c5834a9d7adf0f5fab","kind":"commit","published_at":"2024-07-17T00:15:27.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.88","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.88","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.88","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.88/manifests"},{"name":"v0.1.87","sha":"690b1ea4d2cfcb823508b2c1287ac98d2c89daf2","kind":"commit","published_at":"2024-07-16T20:06:50.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.87","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.87","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.87","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.87/manifests"},{"name":"v0.1.86","sha":"867a2a56a985257e690df3cce557952f76679f7b","kind":"commit","published_at":"2024-07-16T00:20:22.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.86","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.86","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.86","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.86/manifests"},{"name":"v0.1.85","sha":"86e3701a101b42036a4674e681433e7a330112e3","kind":"commit","published_at":"2024-07-10T16:42:29.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.85","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.85","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.85","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.85/manifests"},{"name":"v0.1.84","sha":"6ac13f3c0659aeae34fda3a4417b4595fc549b7a","kind":"commit","published_at":"2024-07-08T01:38:04.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.84","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.84","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.84","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.84/manifests"},{"name":"v0.1.83","sha":"b9045e142515f4c68994ed40a63731ea5d6d5a61","kind":"commit","published_at":"2024-07-02T02:13:16.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.83","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.83","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.83","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.83/manifests"},{"name":"v0.1.82","sha":"48eef4ec091c44116ff4f43f40b2b5ac86e2a50d","kind":"commit","published_at":"2024-06-24T21:23:37.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.82","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.82","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.82","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.82/manifests"},{"name":"v0.1.81","sha":"96ddd9420623484cd7ef8d82f102eb9876ae9096","kind":"commit","published_at":"2024-06-19T22:02:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.81","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.81","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.81","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.81/manifests"},{"name":"v0.1.80","sha":"a009deb7ab5c2389022ade21833d1ee31d96ed3e","kind":"commit","published_at":"2024-06-18T23:03:59.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.80","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.80","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.80","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.80/manifests"},{"name":"v0.1.79","sha":"07a29a3874935cdf2793a1385e0fa2f4add92892","kind":"commit","published_at":"2024-06-18T02:22:00.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.79","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.79","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.79","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.79/manifests"},{"name":"v0.1.78","sha":"8e151eda056780223e08009de747694692ff98ae","kind":"commit","published_at":"2024-06-17T21:02:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.78","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.78","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.78","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.78/manifests"},{"name":"v0.1.77","sha":"33b260abfea7600ef390608ea9d5114414a9a8a3","kind":"commit","published_at":"2024-06-12T00:13:33.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.77","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.77","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.77","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.77/manifests"},{"name":"v0.1.76","sha":"a5e69fe9d61534d9295073f52ca530655d9fb726","kind":"commit","published_at":"2024-06-11T00:45:31.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.76","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.76","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.76","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.76/manifests"},{"name":"v0.1.75","sha":"aa8e174a65898abdea7990be7faba97d019acc8a","kind":"commit","published_at":"2024-06-06T20:00:11.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.75","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.75","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.75","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.75/manifests"},{"name":"v0.1.74","sha":"679585ca4f38fccb6a0e7d20ac873bd69bb37921","kind":"commit","published_at":"2024-06-06T04:29:33.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.74","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.74","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.74","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.74/manifests"},{"name":"v0.1.73","sha":"8bb007c210d573e04571e1d58fbf56ccecbc4a95","kind":"commit","published_at":"2024-06-05T19:12:59.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.73","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.73","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.73","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.73/manifests"},{"name":"v0.1.72","sha":"e7f46d08406774e4a94f10c90dd236d78ecf4f18","kind":"commit","published_at":"2024-06-05T14:50:32.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.72","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.72","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.72","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.72/manifests"},{"name":"v0.1.71","sha":"b5dfb3cdc5697446f88afae4cdddddb4f3b7b82f","kind":"commit","published_at":"2024-06-04T21:09:34.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.71","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.71","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.71","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.71/manifests"},{"name":"v0.1.70","sha":"42d33c60a6da1d10a9e19c571439e164f3892dcd","kind":"commit","published_at":"2024-06-04T20:56:29.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.70","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.70","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.70","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.70/manifests"},{"name":"v0.1.69","sha":"7326476f85c8c032a7fefabc27800cd41af41219","kind":"commit","published_at":"2024-06-04T05:19:51.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.69","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.69","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.69","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.69/manifests"},{"name":"v0.1.68","sha":"63fcf77db2190615a9558154d254771ca8ff79f3","kind":"commit","published_at":"2024-06-03T23:08:34.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.68","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.68","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.68","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.68/manifests"},{"name":"v0.1.67","sha":"ad3cb2dc0de74d071c6e29ea30db98b9ab61542a","kind":"commit","published_at":"2024-05-31T17:03:27.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.67","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.67","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.67","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.67/manifests"},{"name":"v0.1.66","sha":"4863cf88b2ae7376b026a8bfdf57dfb00ff81082","kind":"commit","published_at":"2024-05-31T16:06:18.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.66","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.66","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.66","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.66/manifests"},{"name":"v0.1.65","sha":"edccdb17deaa8a79dd3dd2a491a7e4f713235938","kind":"commit","published_at":"2024-05-30T14:07:06.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.65","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.65","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.65","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.65/manifests"},{"name":"v0.1.64","sha":"621fae6acf507a83401596239401563d7a163ff4","kind":"commit","published_at":"2024-05-30T09:44:26.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.64","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.64","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.64","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.64/manifests"},{"name":"v0.1.63","sha":"69d4dde24baa20a8bd5e32679d1c741541634315","kind":"commit","published_at":"2024-05-23T21:53:33.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.63","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.63","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.63","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.63/manifests"},{"name":"v0.1.62","sha":"505e779cc1a933cae92ef2a965951926d384eb33","kind":"commit","published_at":"2024-05-23T01:47:19.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.62","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.62","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.62","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.62/manifests"},{"name":"v0.1.61","sha":"8e8cea17af44ba416c8b23e891ca165c75b76c0a","kind":"commit","published_at":"2024-05-22T20:17:54.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.61","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.61","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.61","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.61/manifests"},{"name":"v0.1.60","sha":"1d8ee3684ec69c88ebc8a72c47314a183d45178b","kind":"commit","published_at":"2024-05-20T18:07:02.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.60","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.60","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.60","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.60/manifests"},{"name":"v0.1.59","sha":"6609487d040e7bd6f3682ec55fa80b6c7826ccde","kind":"commit","published_at":"2024-05-16T01:55:24.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.59","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.59","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.59","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.59/manifests"},{"name":"v0.1.58","sha":"fc3e06c56b336a3309cbdfb08b88415f54ecdcce","kind":"commit","published_at":"2024-05-15T15:09:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.58","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.58","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.58","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.58/manifests"},{"name":"v0.1.57","sha":"528359e5fc10b8937ec2da14b7b0b30378b56857","kind":"commit","published_at":"2024-05-11T17:25:42.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.57","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.57","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.57","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.57/manifests"},{"name":"v0.1.56","sha":"1f465d858fd369fac609806d322a9be465071a0a","kind":"commit","published_at":"2024-05-08T20:09:33.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.56","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.56","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.56","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.56/manifests"},{"name":"v0.1.55","sha":"8ea8bda2203646ff02054b8a766afe697a695271","kind":"commit","published_at":"2024-05-07T23:56:57.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.55","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.55","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.55","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.55/manifests"},{"name":"v0.1.54","sha":"6f6e23096a5b199beee72162f4dab6acaf563766","kind":"commit","published_at":"2024-05-04T00:15:03.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.54","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.54","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.54","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.54/manifests"},{"name":"v0.1.53","sha":"c06ebc58d3325b7ec62e791ae0b27bebe42d42e8","kind":"commit","published_at":"2024-05-02T17:00:25.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.53","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.53","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.53","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.53/manifests"},{"name":"v0.1.52","sha":"3bee3a351dddfd1792836f5a247199923174f3a6","kind":"commit","published_at":"2024-04-29T17:46:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.52","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.52","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.52","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.52/manifests"},{"name":"v0.1.51","sha":"ad9a9f786aad5d20ff01e637c5b6a4def6269540","kind":"commit","published_at":"2024-04-25T21:09:46.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.51","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.51","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.51","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.51/manifests"},{"name":"v0.1.50","sha":"bfe864336c11dcb98b6f3d9370fca5152445408f","kind":"commit","published_at":"2024-04-23T19:58:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.50","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.50","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.50","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.50/manifests"},{"name":"v0.1.49","sha":"aba2b9e91c6d4d277cf2c89121f9f53f2f8d192e","kind":"commit","published_at":"2024-04-19T01:05:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.49","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.49","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.49","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.49/manifests"},{"name":"v0.1.48","sha":"662ce5d0cb25a754c6627ee2e4aeda82ab89de00","kind":"commit","published_at":"2024-04-15T23:09:12.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.48","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.48","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.48","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.48/manifests"},{"name":"v0.1.47","sha":"2066011023fab751f38c5452e059ea415a87630c","kind":"commit","published_at":"2024-04-13T07:17:33.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.47","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.47","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.47","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.47/manifests"},{"name":"v0.1.46","sha":"0308d11c4747fa4dedde7c2b6b6501bbb27a02cb","kind":"commit","published_at":"2024-04-12T18:10:54.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.46","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.46","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.46","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.46/manifests"},{"name":"v0.1.45","sha":"e1297d58504446e2acde0ac4b21d0a2d53952d4a","kind":"commit","published_at":"2024-04-10T17:59:23.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.45","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.45","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.45","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.45/manifests"},{"name":"v0.1.44","sha":"bb1069b29671975ec12bdc6731f866b087f7a3b6","kind":"commit","published_at":"2024-04-10T17:44:32.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.44","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.44","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.44","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.44/manifests"},{"name":"v0.1.42","sha":"e1543642f186a738fad89779be7895a3773da894","kind":"commit","published_at":"2024-04-09T17:29:24.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.42","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.42","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.42","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.42/manifests"},{"name":"v0.1.40","sha":"2c4081cf06fc489e6219c9354651085f3495539e","kind":"commit","published_at":"2024-04-04T00:20:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.40","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.40","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.40","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.40/manifests"},{"name":"v0.1.39","sha":"d7643f9c864e62f49e904dba162ab952134c74e8","kind":"commit","published_at":"2024-04-03T04:52:30.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.39","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.39","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.39","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.39/manifests"},{"name":"v0.1.38","sha":"847eb451cfa405e1735afcb5337148812af5e3c3","kind":"commit","published_at":"2024-03-29T17:50:03.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.38","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.38","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.38","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.38/manifests"},{"name":"v0.1.37","sha":"c3d5fbc532cc8c58d462d24715295b6347185142","kind":"commit","published_at":"2024-03-28T22:50:19.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.37","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.37","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.37","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.37/manifests"},{"name":"v0.1.36","sha":"d6bdb6a53694731b5d19adfab6d86a1239735170","kind":"commit","published_at":"2024-03-28T00:23:12.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.36","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.36","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.36","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.36/manifests"},{"name":"v0.1.34","sha":"f35d651e94085d4ccf986d5dec7707165fb2bb50","kind":"commit","published_at":"2024-03-27T19:35:36.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.34","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.34","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.34","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.34/manifests"},{"name":"v0.1.33","sha":"545b7fae958a8730a59e2282d585b918b47ee6d2","kind":"commit","published_at":"2024-03-27T01:35:14.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.33","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.33","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.33","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.33/manifests"},{"name":"v0.1.31","sha":"99d96886126ffa2569c1b6525c468aef05bcb13d","kind":"commit","published_at":"2024-03-19T23:07:32.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.31","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.31","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.31","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.31/manifests"},{"name":"v0.1.30","sha":"87c0d048c978c43fd913c9464ef92fb9d82820d9","kind":"commit","published_at":"2024-03-19T22:01:04.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.30","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.30","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.30","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.30/manifests"},{"name":"v0.1.29","sha":"7f883bbadef1dba2f30bdbfcfa97ed68b48297e8","kind":"commit","published_at":"2024-03-19T01:54:07.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.29","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.29","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.29","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.29/manifests"},{"name":"v0.1.28","sha":"69670f57c5a2d8d645fda72932247981e9d5a16c","kind":"commit","published_at":"2024-03-18T21:54:14.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.28","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.28","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.28","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.28/manifests"},{"name":"v0.1.27","sha":"2ddb313b29516af0448f0a686ef89b397d70eabe","kind":"commit","published_at":"2024-03-16T00:03:25.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.27","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.27/manifests"},{"name":"v0.1.26","sha":"3905cb2dca7e7d69825bfb4d28e729677047ec10","kind":"commit","published_at":"2024-03-14T21:13:30.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.26","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.26/manifests"},{"name":"v0.1.25","sha":"b575914a4362e175b569456bf60e0a535aac634d","kind":"commit","published_at":"2024-03-14T00:14:47.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.25","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.25/manifests"},{"name":"v0.1.24","sha":"19cd100338a4b47069a7007b8ac68cf46b8aa489","kind":"commit","published_at":"2024-03-12T22:25:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.24","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.24/manifests"},{"name":"v0.1.23","sha":"6a9d12265d1f4e277d19213982988d7a5dd2f27e","kind":"commit","published_at":"2024-03-08T03:36:47.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.23","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.23/manifests"},{"name":"v0.1.22","sha":"4952ae753ec8f6c3909e5266582c5037ae6cf44a","kind":"commit","published_at":"2024-03-06T00:59:57.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.22","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.22/manifests"},{"name":"v0.1.21","sha":"45dd049204f162c1f7e15a9b5f1e68de6c622846","kind":"commit","published_at":"2024-03-05T17:02:11.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.21","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.21/manifests"},{"name":"v0.1.20","sha":"b37085fabec5c4e968ba32f0f2f3ae3e930db49a","kind":"commit","published_at":"2024-03-05T16:03:46.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.20","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.20/manifests"},{"name":"v0.1.19","sha":"34d0dfe639e7e657cacf06189a043e921875388c","kind":"commit","published_at":"2024-03-05T05:06:56.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.19","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.19/manifests"},{"name":"v0.1.18","sha":"40c4470a57b22759877bf14eac69f4e6a77b9f7a","kind":"commit","published_at":"2024-03-05T01:17:17.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.18","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.18/manifests"},{"name":"v0.1.17","sha":"3362883119c0d9abc36b06d0dfd333a32d3bdf4a","kind":"commit","published_at":"2024-03-04T22:07:40.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.17","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.17/manifests"},{"name":"v0.1.16","sha":"238ed5a3ed034e0f4f882d3b8cd6dbc9a9d75394","kind":"commit","published_at":"2024-03-04T20:56:04.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.16","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.16/manifests"},{"name":"v0.1.15","sha":"b4294a111ec457cfbff763d01417cd14b3580ad2","kind":"commit","published_at":"2024-03-04T19:53:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.15","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.15/manifests"},{"name":"v0.1.14","sha":"e4c85130dc4f3cbd953607419de7063f278306e1","kind":"commit","published_at":"2024-03-03T23:44:15.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.14","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.14/manifests"},{"name":"v0.1.13","sha":"d0a64dafa6ed07ba1d558065674a54ff2d5193dc","kind":"commit","published_at":"2024-03-02T03:37:58.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.13","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.13/manifests"},{"name":"v0.1.12","sha":"2ffa92fa9c05edb63ac7f7017a2a6e2efb90cebf","kind":"commit","published_at":"2024-03-01T19:51:15.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.12","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.12/manifests"},{"name":"v0.1.11","sha":"24b03eef22ead4f46cd4f34f402787f97b0c757c","kind":"commit","published_at":"2024-03-01T19:16:00.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.11","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.11/manifests"},{"name":"v0.1.10","sha":"ac92109e676bbeba8941f9900c1d5e9237afc103","kind":"commit","published_at":"2024-02-27T21:48:17.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.10","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.10/manifests"},{"name":"v0.1.9","sha":"13902a599aa5d9caefe52fe8ad6715d0ef4b2149","kind":"commit","published_at":"2024-02-26T20:52:41.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.9","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.9/manifests"},{"name":"v0.1.8","sha":"86c2a44fd6b6a205630b9a5471db89157ed24e98","kind":"commit","published_at":"2024-02-25T02:50:22.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.8","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.8/manifests"},{"name":"v0.1.7","sha":"a395085b862cb5d06ccc3304f799cb04360fae0b","kind":"commit","published_at":"2024-02-24T01:05:07.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.7","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.7/manifests"},{"name":"v0.1.6","sha":"ca944c68ea407c4e86c0160979081728b382d68a","kind":"commit","published_at":"2024-02-23T17:15:32.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.6","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.6/manifests"},{"name":"v0.1.5","sha":"e56ea5095dbc2f72f2ff7c8fa6e01cca185d6007","kind":"commit","published_at":"2024-02-21T01:57:07.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.5","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.5/manifests"},{"name":"v0.1.4","sha":"bedc1c9e30d131b9650ca0f7298256d7eb0da219","kind":"commit","published_at":"2024-02-21T00:06:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.4","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.4/manifests"},{"name":"v0.1.3","sha":"c1a81fc46359b1969965abf5f85fdfd6ef663cd6","kind":"commit","published_at":"2024-02-20T06:07:23.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.3","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.3/manifests"},{"name":"v0.1.2","sha":"c70c787fae7118b3b756ccffecc85fb7ee40a54b","kind":"commit","published_at":"2024-02-16T18:37:09.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.2","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.2/manifests"},{"name":"v0.1.1","sha":"286a5a60c658edb23a53c3db88bf87721d8a4299","kind":"commit","published_at":"2024-02-15T17:14:14.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.1","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.1/manifests"},{"name":"v0.1.0","sha":"4ef2c932ab3c1f3de6e46375db76bf2cc7864028","kind":"commit","published_at":"2024-02-15T08:12:49.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.1.0","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.1.0/manifests"},{"name":"v0.0.92","sha":"a9a12e98f20e7ac10b9526545e2a1f3a40e22b12","kind":"commit","published_at":"2024-02-14T22:27:02.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.92","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.92","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.92","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.92/manifests"},{"name":"v0.0.91","sha":"878ba0785d229aa19477c7d8913ea78bac8edda1","kind":"commit","published_at":"2024-02-13T22:27:37.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.91","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.91","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.91","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.91/manifests"},{"name":"v0.0.90","sha":"b214f3a5018ff686f5ddd4645ded217634424c1b","kind":"commit","published_at":"2024-02-10T01:23:18.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.90","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.90","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.90","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.90/manifests"},{"name":"v0.0.89","sha":"5bed6af4fbbe6bf400df49bcbcedf88f44452ca0","kind":"commit","published_at":"2024-02-09T20:55:44.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.89","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.89","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.89","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.89/manifests"},{"name":"v0.0.88","sha":"4d6ccae99bc3771ca294d56e49592cd035d7b06b","kind":"commit","published_at":"2024-02-09T16:08:53.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.88","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.88","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.88","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.88/manifests"},{"name":"v0.0.87","sha":"b8973ee9cd8d26514dbd395123fbc0ca3afe2d3d","kind":"commit","published_at":"2024-02-07T09:15:43.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.87","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.87","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.87","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.87/manifests"},{"name":"v0.0.86","sha":"9c3987705943c01ca3232e7c6a9e1c1b60bdb501","kind":"commit","published_at":"2024-02-02T03:41:33.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.86","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.86","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.86","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.86/manifests"},{"name":"v0.0.85","sha":"0386d55aaba7842f57d4b2701ee042fe370bcbaf","kind":"commit","published_at":"2024-01-30T19:47:58.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.85","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.85","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.85","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.85/manifests"},{"name":"v0.0.84","sha":"2c7f1665cabd480a05e6820b0503647c4c4d9496","kind":"commit","published_at":"2024-01-29T01:09:52.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.84","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.84","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.84","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.84/manifests"},{"name":"v0.0.83","sha":"4caf02422e8b5a6cd32cf633dfb558086da45e73","kind":"commit","published_at":"2024-01-18T23:30:25.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.83","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.83","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.83","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.83/manifests"},{"name":"v0.0.82","sha":"2ec513569469c0e09e7086e8e84ca76993b57ddb","kind":"commit","published_at":"2024-01-18T03:23:41.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.82","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.82","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.82","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.82/manifests"},{"name":"v0.0.81","sha":"e0a9f2f97b003cae4318e2d253b01f05f9cae233","kind":"commit","published_at":"2024-01-16T20:40:32.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.81","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.81","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.81","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.81/manifests"},{"name":"v0.0.80","sha":"f0fbd3e4bc478588c43da92b18a035664f5f74fa","kind":"commit","published_at":"2024-01-11T23:32:41.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.80","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.80","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.80","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.80/manifests"},{"name":"v0.0.79","sha":"37662f386a1cf51c7509158681cac33d93317b5a","kind":"commit","published_at":"2024-01-09T20:06:15.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.79","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.79","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.79","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.79/manifests"},{"name":"v0.0.78","sha":"ed34564912e593d88a12cfc7fcfc027b0e3bab7d","kind":"commit","published_at":"2024-01-08T17:03:30.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.78","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.78","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.78","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.78/manifests"},{"name":"v0.0.77","sha":"9c2b756a59221122e209e634a4275163e661ff04","kind":"commit","published_at":"2024-01-03T03:28:44.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.77","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.77","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.77","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.77/manifests"},{"name":"v0.0.76","sha":"dd368d86293b1f9638d6c278fc13caf4fc742129","kind":"commit","published_at":"2024-01-03T01:13:25.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.76","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.76","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.76","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.76/manifests"},{"name":"v0.0.75","sha":"5581be43ea1186b5ec77c1bad881ca17a29d0f1a","kind":"commit","published_at":"2023-12-22T21:23:55.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.75","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.75","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.75","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.75/manifests"},{"name":"v0.0.74","sha":"ed0754b1ce7849f2913d4f4a62ea5ba0e694835a","kind":"commit","published_at":"2023-12-21T23:41:56.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.74","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.74","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.74","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.74/manifests"},{"name":"v0.0.73","sha":"43fd528e8e5e81c761c7f32e61c1c44f0033e45e","kind":"commit","published_at":"2023-12-21T14:54:38.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.73","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.73","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.73","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.73/manifests"},{"name":"v0.0.72","sha":"407ebef6181828d376a94ecb45e766c05f970740","kind":"commit","published_at":"2023-12-18T23:46:37.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.72","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.72","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.72","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.72/manifests"},{"name":"v0.0.71","sha":"3e67717479c034bc61b9cb4d1c3a7ddfce94376b","kind":"commit","published_at":"2023-12-15T19:13:38.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.71","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.71","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.71","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.71/manifests"},{"name":"v0.0.70","sha":"41d83c0c2e1eaaf5800ab6d345c70caa37ac1449","kind":"commit","published_at":"2023-12-14T02:48:57.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.70","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.70","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.70","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.70/manifests"},{"name":"v0.0.69","sha":"cbdce01311d783e8c1ae0c452e7457446bd1eb12","kind":"commit","published_at":"2023-12-03T01:08:36.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.69","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.69","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.69","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.69/manifests"},{"name":"v0.0.68","sha":"1234475a6fc5158ee2dbdf1f546591a1e120bd5a","kind":"commit","published_at":"2023-12-01T19:38:13.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.68","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.68","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.68","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.68/manifests"},{"name":"v0.0.67","sha":"309f9d90d195ebf68493c4e2f7d11b10172befeb","kind":"commit","published_at":"2023-11-28T06:23:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.67","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.67","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.67","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.67/manifests"},{"name":"v0.0.66","sha":"87f0c3d039687773031bcf4d90a4e5cfd252f523","kind":"commit","published_at":"2023-11-20T23:45:58.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.66","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.66","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.66","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.66/manifests"},{"name":"v0.0.65","sha":"496dd6bcb7440600f4d7cdaeab1a0a34f717a35e","kind":"commit","published_at":"2023-11-17T21:18:22.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.65","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.65","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.65","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.65/manifests"},{"name":"v0.0.64","sha":"18449e5848d85ac0a320f320c37f454f949de1e1","kind":"commit","published_at":"2023-11-14T00:01:53.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.64","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.64","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.64","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.64/manifests"},{"name":"v0.0.63","sha":"5ff7fb6dc2c6fcc2c66c6121901089b44ee255e5","kind":"commit","published_at":"2023-11-09T23:24:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.63","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.63","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.63","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.63/manifests"},{"name":"v0.0.62","sha":"abd249b1fdaecdea554d463077f54ef74d04849e","kind":"commit","published_at":"2023-11-08T23:30:24.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.62","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.62","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.62","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.62/manifests"},{"name":"v0.0.61","sha":"de9cc91a5782293f0c107bc1652686ab14124dca","kind":"commit","published_at":"2023-11-08T22:57:15.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.61","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.61","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.61","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.61/manifests"},{"name":"v0.0.60","sha":"661aae98f56e99d07ab93c7e82aa350ac23cb584","kind":"commit","published_at":"2023-11-07T04:29:07.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.60","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.60","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.60","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.60/manifests"},{"name":"v0.0.59","sha":"96b06a0ee305dda6d7520211c1d3bc088a3043f6","kind":"commit","published_at":"2023-11-06T22:32:36.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.59","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.59","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.59","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.59/manifests"},{"name":"v0.0.58","sha":"c373ffbb5360b3513b3016acde69640cce8a5cd0","kind":"commit","published_at":"2023-11-06T18:21:09.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.58","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.58","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.58","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.58/manifests"},{"name":"v0.0.57","sha":"8a8f13ad269960f6140128f0304232d7480c8c0a","kind":"commit","published_at":"2023-11-03T22:53:45.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.57","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.57","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.57","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.57/manifests"},{"name":"v0.0.56","sha":"98992aa95c7842f40c3454a36147b5cc18321dd3","kind":"commit","published_at":"2023-11-01T04:40:44.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.56","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.56","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.56","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.56/manifests"},{"name":"v0.0.55","sha":"b03a21b693a71a66bcd0b74fba4d210d1b2ad37b","kind":"commit","published_at":"2023-11-01T04:02:40.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.55","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.55","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.55","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.55/manifests"},{"name":"v0.0.54","sha":"0c04410bc9d3184d9ee7a4733334cefe0c35ef07","kind":"commit","published_at":"2023-10-30T16:08:39.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.54","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.54","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.54","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.54/manifests"},{"name":"v0.0.53","sha":"7a139705d7a4c389c971b43c600f6d222f4feec1","kind":"commit","published_at":"2023-10-27T21:33:48.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.53","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.53","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.53","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.53/manifests"},{"name":"v0.0.52","sha":"3059fb0ee918fdb05e33cc4872d808ad83f0883b","kind":"commit","published_at":"2023-10-25T21:31:02.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.52","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.52","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.52","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.52/manifests"},{"name":"v0.0.51","sha":"0cf8462a7b57697781493666afe69301bb056283","kind":"commit","published_at":"2023-10-25T01:12:20.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.51","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.51","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.51","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.51/manifests"},{"name":"v0.0.50","sha":"0c6b177ad92458c7a763dfba1c77ab51b7f62adb","kind":"commit","published_at":"2023-10-24T21:49:26.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.50","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.50","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.50","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.50/manifests"},{"name":"v0.0.49","sha":"f214b87456ae80d5c871aaac5af44aad0b63a6d6","kind":"commit","published_at":"2023-10-20T17:12:34.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.49","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.49","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.49","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.49/manifests"},{"name":"v0.0.48","sha":"97f835f3b5a75631fa1ac5024998a2c49721463d","kind":"commit","published_at":"2023-10-20T16:07:10.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.48","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.48","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.48","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.48/manifests"},{"name":"v0.0.47","sha":"42da6ea16f27c49d7ec029417186e0ffeec14f9b","kind":"commit","published_at":"2023-10-19T17:51:06.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.47","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.47","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.47","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.47/manifests"},{"name":"v0.0.46","sha":"672720f02146f5dadb0be092bd7e9c463fc6d275","kind":"commit","published_at":"2023-10-18T16:28:51.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.46","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.46","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.46","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.46/manifests"},{"name":"v0.0.45","sha":"5a932978e1c26195909872592fed72be8954b368","kind":"commit","published_at":"2023-10-18T15:37:17.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.45","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.45","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.45","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.45/manifests"},{"name":"v0.0.44","sha":"380e1356cd546bdb50d70bded23d501671c7d306","kind":"commit","published_at":"2023-10-16T15:48:50.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.44","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.44","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.44","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.44/manifests"},{"name":"v0.0.43","sha":"77081a871528d717a4cd1730b16058960e0feeb6","kind":"commit","published_at":"2023-10-06T05:48:04.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.43","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.43","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.43","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.43/manifests"},{"name":"v0.0.42","sha":"3093b879ba46233120ac9155472caae7586b5e2f","kind":"commit","published_at":"2023-10-05T06:32:14.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.42","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.42","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.42","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.42/manifests"},{"name":"v0.0.41","sha":"d3c92386f470c094281ee4f831b4f821821a70c0","kind":"commit","published_at":"2023-09-27T03:06:49.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.41","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.41","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.41","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.41/manifests"},{"name":"v0.0.40","sha":"c66383c7ea73afde67e950b04dbcea4e44fccb00","kind":"commit","published_at":"2023-09-21T21:52:18.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.40","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.40","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.40","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.40/manifests"},{"name":"v0.0.39","sha":"45058c9253a3f457367e07c51bc3a5a2c7a1a379","kind":"commit","published_at":"2023-09-21T03:31:47.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.39","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.39","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.39","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.39/manifests"},{"name":"v0.0.38","sha":"ba23d27e0f21ef9865403b8a67db764bdb1d2388","kind":"commit","published_at":"2023-09-18T03:39:40.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.38","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.38","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.38","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.38/manifests"},{"name":"v0.0.37","sha":"7be14fafecf8592dd811c6d8275ed770035301b7","kind":"commit","published_at":"2023-09-14T00:04:31.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.37","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.37","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.37","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.37/manifests"},{"name":"v0.0.36","sha":"804dbbb002e470ab0c2cbf2efa9b03bbe324ad00","kind":"commit","published_at":"2023-09-12T20:01:18.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.36","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.36","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.36","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.36/manifests"},{"name":"v0.0.35","sha":"2ee34d937e70844fea90fe38a4ec2307c5539138","kind":"commit","published_at":"2023-09-08T18:19:02.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.35","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.35","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.35","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.35/manifests"},{"name":"v0.0.34","sha":"df947eebf1743c8935a91a82dc22204b898a7b82","kind":"commit","published_at":"2023-09-08T17:16:34.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.34","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.34","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.34","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.34/manifests"},{"name":"v0.0.33","sha":"809c1f9c2249d462fc063be10ac14247ba760b3c","kind":"commit","published_at":"2023-09-02T01:21:44.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.33","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.33","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.33","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.33/manifests"},{"name":"v0.0.32","sha":"92269b5bed3a64c62c5eeb9991901f693321b976","kind":"commit","published_at":"2023-09-01T05:54:02.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.32","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.32","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.32","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.32/manifests"},{"name":"v0.0.31","sha":"f3052271248fbb41516512b7089c2bde989a7d6d","kind":"commit","published_at":"2023-08-31T21:02:48.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.31","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.31","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.31","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.31/manifests"},{"name":"v0.0.30","sha":"bf457831615be8ffcf66e6daaca02b1adeea5228","kind":"commit","published_at":"2023-08-30T22:30:43.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.30","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.30","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.30","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.30/manifests"},{"name":"v0.0.29","sha":"817f3e60418002d01e83ddeea1ceb248089d5438","kind":"commit","published_at":"2023-08-30T13:22:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.29","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.29","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.29","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.29/manifests"},{"name":"v0.0.28","sha":"ccac205dc4e9cafa6c1795f8db4306675a9bd572","kind":"commit","published_at":"2023-08-30T02:34:17.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.28","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.28","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.28","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.28/manifests"},{"name":"v0.0.27","sha":"7e8c3ee5620904ffeb6c3e31ec930b8d5ed976fd","kind":"commit","published_at":"2023-08-27T21:02:38.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.27","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.27/manifests"},{"name":"v0.0.26","sha":"dfb60a260b0234b43536b873706afde770b105c0","kind":"commit","published_at":"2023-08-22T15:48:15.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.26","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.26/manifests"},{"name":"v0.0.25","sha":"647a54b0e34b4d0785d472f7dde5933bb5aa42a0","kind":"commit","published_at":"2023-08-18T23:54:12.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.25","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.25/manifests"},{"name":"v0.0.24","sha":"8392ba67f880136740ad3fe9b3178b17c70d1242","kind":"commit","published_at":"2023-08-17T07:12:11.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.24","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.24/manifests"},{"name":"v0.0.23","sha":"9237d7c5433c0590032fe11e7cc0a48f834ca7f0","kind":"commit","published_at":"2023-08-16T18:50:17.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.23","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.23/manifests"},{"name":"v0.0.22","sha":"7ea1881198068f617b668f19aeb64fc080e2fff2","kind":"commit","published_at":"2023-08-11T20:42:18.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.22","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.22/manifests"},{"name":"v0.0.21","sha":"58b7b76f37110fca27e2af0b3c65776d21fbd471","kind":"commit","published_at":"2023-08-10T21:50:13.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.21","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.21/manifests"},{"name":"v0.0.20","sha":"90e714c01ca37541d282d285e42228556df00104","kind":"commit","published_at":"2023-08-08T22:16:04.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.20","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.20/manifests"},{"name":"v0.0.19","sha":"e229f543ee054b8d30168699bcdf4578dee72a0a","kind":"commit","published_at":"2023-08-05T00:54:42.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.19","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.19/manifests"},{"name":"v0.0.18","sha":"3593d8a03e3ed9b60cfcd8b036da7814a2397047","kind":"commit","published_at":"2023-08-02T23:32:34.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.18","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.18/manifests"},{"name":"v","sha":"848709297bddfd81be49aa8a0194707f3e65d6e8","kind":"commit","published_at":"2023-07-15T15:49:52.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v/manifests"},{"name":"v0.0.17","sha":"8db3c1b3e26ab3bec2e96ea5a1fec70bcb1dec3a","kind":"commit","published_at":"2023-06-23T07:54:10.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.17","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.17/manifests"},{"name":"v0.0.16","sha":"ba9a402fff78f78ee3a4e1b594aaf289c5ac541a","kind":"commit","published_at":"2023-06-20T01:24:41.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.16","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.16/manifests"},{"name":"v0.0.15","sha":"fb635e4d6417643cabe09ff6b81a11d17f89e170","kind":"commit","published_at":"2023-06-20T00:14:27.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.15","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.15/manifests"},{"name":"v0.0.14","sha":"fb635e4d6417643cabe09ff6b81a11d17f89e170","kind":"commit","published_at":"2023-06-20T00:14:27.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.14","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.14/manifests"},{"name":"v0.0.13","sha":"aaba3a5b41ec8c3943931b136fd2b9b69d310eb3","kind":"commit","published_at":"2023-06-19T20:42:59.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.13","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.13/manifests"},{"name":"v0.0.12","sha":"5b0db391ba7d83751f79700466a9c1ffff578368","kind":"commit","published_at":"2023-06-19T19:12:21.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.12","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.12/manifests"},{"name":"v0.0.11","sha":"e26904e67370656d97849f048c1c43e9f8033f9c","kind":"commit","published_at":"2023-06-19T03:22:34.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.11","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.11/manifests"},{"name":"v0.0.10","sha":"48f2bbb9dfd616009d7df4e1a94aea03c20b034b","kind":"commit","published_at":"2023-06-14T05:24:30.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.10","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.10/manifests"},{"name":"v0.0.9","sha":"c482701b20839fca4fbc42a7027b9d6a54814501","kind":"commit","published_at":"2023-06-13T06:24:58.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.9","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.9/manifests"},{"name":"v0.0.8","sha":"7bc970715526bb38dba66248cd08311dff6d1657","kind":"commit","published_at":"2023-06-09T16:46:26.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.8","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.8/manifests"},{"name":"v0.0.7","sha":"c42be668037f380ac793642894f26cdd885bdcc3","kind":"commit","published_at":"2023-06-08T22:21:47.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.7","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.7/manifests"},{"name":"v0.0.6","sha":"6bc55cd055d413ee5cde5cc5642c5ba7dec8201b","kind":"commit","published_at":"2023-06-07T04:44:03.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.6","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.6/manifests"},{"name":"v0.0.5","sha":"0996dda5c4692a65cac1ac8b81f8ff5aced419a7","kind":"commit","published_at":"2023-06-07T02:19:29.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.5","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.5/manifests"},{"name":"v0.0.4","sha":"80f94d66e93b68c04de54f1e83eca9d46b70b702","kind":"commit","published_at":"2023-06-05T18:55:19.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.4","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.4/manifests"},{"name":"v0.0.3","sha":"01595291a1e9e287dbaebb268cb2c3dbfa422e04","kind":"commit","published_at":"2023-06-02T21:12:51.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.3","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.3/manifests"},{"name":"v0.0.2","sha":"fac00e31072cf56f1c4296c21c3b17cb0e6cafb3","kind":"commit","published_at":"2023-06-02T03:34:16.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.2","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.2/manifests"},{"name":"v0.0.1-rc4","sha":"9974e9de4b0907a8f5293e6aee8bdc7ee85c1f30","kind":"commit","published_at":"2023-06-01T21:56:23.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.1-rc4","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.1-rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.1-rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.1-rc4/manifests"},{"name":"v0.0.1-rc2","sha":"15ade49d866e46a6c42914d8466e73ae5cfb5bab","kind":"commit","published_at":"2023-06-01T21:07:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.1-rc2","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.1-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.1-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.1-rc2/manifests"},{"name":"v0.0.1-rc3","sha":"15ade49d866e46a6c42914d8466e73ae5cfb5bab","kind":"commit","published_at":"2023-06-01T21:07:28.000Z","download_url":"https://codeload.github.com/langchain-ai/langsmith-sdk/tar.gz/v0.0.1-rc3","html_url":"https://github.com/langchain-ai/langsmith-sdk/releases/tag/v0.0.1-rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.1-rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flangsmith-sdk/tags/v0.0.1-rc3/manifests"}]},"repo_metadata_updated_at":"2024-09-05T11:42:04.322Z","dependent_packages_count":12,"downloads":5825320,"downloads_period":"last-month","dependent_repos_count":1422,"rankings":{"downloads":0.30240033419358275,"dependent_repos_count":0.5299155123857693,"dependent_packages_count":1.7801137545680426,"stargazers_count":4.195365398903733,"forks_count":5.356301729358724,"docker_downloads_count":1.8073054267947517,"average":2.3285670260341003},"purl":"pkg:npm/langsmith","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/langsmith","docker_dependents_count":26,"docker_downloads_count":150549687,"usage_url":"https://repos.ecosyste.ms/usage/npm/langsmith","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/langsmith/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/langsmith/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/langsmith/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/langsmith/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/langsmith/related_packages","maintainers":[{"uuid":"jacoblee93","login":"jacoblee93","name":null,"email":"jacoblee93@gmail.com","url":null,"packages_count":106,"html_url":"https://www.npmjs.com/~jacoblee93","role":null,"created_at":"2024-02-15T21:29:06.282Z","updated_at":"2024-02-15T21:29:06.282Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/jacoblee93/packages"},{"uuid":"davidduong","login":"davidduong","name":null,"email":"david@duong.cz","url":null,"packages_count":66,"html_url":"https://www.npmjs.com/~davidduong","role":null,"created_at":"2024-05-02T20:30:17.792Z","updated_at":"2024-05-02T20:30:17.792Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/davidduong/packages"},{"uuid":"basproul","login":"basproul","name":null,"email":"braceasproul@gmail.com","url":null,"packages_count":68,"html_url":"https://www.npmjs.com/~basproul","role":null,"created_at":"2024-08-22T23:12:18.236Z","updated_at":"2024-08-22T23:12:18.236Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/basproul/packages"},{"uuid":"wifuhi","login":"wifuhi","name":null,"email":"whinthorn@gmail.com","url":null,"packages_count":2,"html_url":"https://www.npmjs.com/~wifuhi","role":null,"created_at":"2023-06-26T22:59:54.726Z","updated_at":"2023-06-26T22:59:54.726Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/wifuhi/packages"},{"uuid":"maddyadams","login":"maddyadams","name":null,"email":"madelyn.adams1@gmail.com","url":null,"packages_count":54,"html_url":"https://www.npmjs.com/~maddyadams","role":null,"created_at":"2024-07-26T20:10:14.555Z","updated_at":"2024-07-26T20:10:14.555Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/maddyadams/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5005319,"maintainers_count":1012639,"namespaces_count":295318,"keywords_count":699769,"github":"npm","metadata":{"funded_packages_count":150180},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-05T05:52:15.849Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":183,"unique_repositories_count_past_30_days":33,"recent_issues":[{"uuid":"4654916712","node_id":"PR_kwDORDKUu87mCn8x","number":5,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T08:34:44.000Z","updated_at":"2026-06-13T08:35:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"@hono/node-server","old_version":"1.19.11","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"hono","old_version":"4.12.11","new_version":"4.12.21","repository_url":"https://github.com/honojs/hono"},{"name":"mongoose","old_version":"8.21.1","new_version":"8.22.1","repository_url":"https://github.com/Automattic/mongoose"},{"name":"axios","old_version":"1.13.5","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"langsmith","old_version":"0.4.12","new_version":"0.7.7","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"react-router","old_version":"7.13.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.19.11` | `1.19.13` |\n| [hono](https://github.com/honojs/hono) | `4.12.11` | `4.12.21` |\n| [mongoose](https://github.com/Automattic/mongoose) | `8.21.1` | `8.22.1` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.17.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.10` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.4.12` | `0.7.7` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.13.0` | `7.17.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n\n\nUpdates `@hono/node-server` from 1.19.11 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.12.11 to 4.12.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.20\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(route): preserve the base path of the mounted route() app by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4942\"\u003ehonojs/hono#4942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(jsx): widen jsx and jsxFn children to Child[] by \u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.20\"\u003ehttps://github.com/honojs/hono/compare/v4.12.19...v4.12.20\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.19\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: pin GitHub Actions to SHAs by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4932\"\u003ehonojs/hono#4932\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serveStatic): make options parameter optional in all adapters by \u003ca href=\"https://github.com/mixelburg\"\u003e\u003ccode\u003e@​mixelburg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4934\"\u003ehonojs/hono#4934\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cookie): return the first cookie when there are multiple cookies with the same name by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4922\"\u003ehonojs/hono#4922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(bearer-auth): make bearerAuth generic for typed context in verifyToken by \u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(cache): key cache entries by configured vary headers by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4915\"\u003ehonojs/hono#4915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(request): add \u003ccode\u003ebytes()\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4921\"\u003ehonojs/hono#4921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stream): upgrade \u003ccode\u003e@hono/node-server\u003c/code\u003e to v2 and fix abort handling by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4940\"\u003ehonojs/hono#4940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.18...v4.12.19\"\u003ehttps://github.com/honojs/hono/compare/v4.12.18...v4.12.19\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a83ddb882e0c0b8c336050dba087bb2e1b12488e\"\u003e\u003ccode\u003ea83ddb8\u003c/code\u003e\u003c/a\u003e 4.12.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1\"\u003e\u003ccode\u003e6cbb025\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c831020fb1fa2e929d222f6c84e1abfe013e512b\"\u003e\u003ccode\u003ec831020\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/905aedbc20661e0e2fa378783a7ec44a5c3df43d\"\u003e\u003ccode\u003e905aedb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/5463db2735476959b8af67756f4e513f4fe19115\"\u003e\u003ccode\u003e5463db2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c657a39ccc8d3194d345d9e82c8587bd25b5b6e8\"\u003e\u003ccode\u003ec657a39\u003c/code\u003e\u003c/a\u003e 4.12.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/eb2d0c238adbcee5933d0f8c15f1a65a88f50565\"\u003e\u003ccode\u003eeb2d0c2\u003c/code\u003e\u003c/a\u003e fix(jsx): widen jsx and jsxFn children to Child[] (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4947\"\u003e#4947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/dcabbece347817ef7193439c39d28546b8ac3a85\"\u003e\u003ccode\u003edcabbec\u003c/code\u003e\u003c/a\u003e fix(route): preserve the base path of the mounted route() app (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4942\"\u003e#4942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7e62bcd22fa4e8f0e83cb564bac85e32f5434dd3\"\u003e\u003ccode\u003e7e62bcd\u003c/code\u003e\u003c/a\u003e 4.12.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/e2f252a8745eb25f06485b8d43e8410bf027c8ef\"\u003e\u003ccode\u003ee2f252a\u003c/code\u003e\u003c/a\u003e fix(stream): upgrade \u003ccode\u003e@hono/node-server\u003c/code\u003e to v2 and fix abort handling (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4940\"\u003e#4940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.11...v4.12.21\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mongoose` from 8.21.1 to 8.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/releases\"\u003emongoose's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.22.1 / 2025-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003cli\u003efix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15904\"\u003e#15904\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15901\"\u003e#15901\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(models): support Mongoose query casting in AnyBulkWriteOperation filter property \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15910\"\u003e#15910\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add toBSON() to documents \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15927\"\u003e#15927\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.22.0 / 2026-01-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat(model): allow passing strict option to hydrate() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15944\"\u003e#15944\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15940\"\u003e#15940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md\"\u003emongoose's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.22.1 / 2026-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003cli\u003efix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15904\"\u003e#15904\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15901\"\u003e#15901\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(models): support Mongoose query casting in AnyBulkWriteOperation filter property \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15910\"\u003e#15910\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add toBSON() to documents \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15927\"\u003e#15927\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e7.8.9 / 2026-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.22.0 / 2026-01-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat(model): allow passing strict option to hydrate() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15944\"\u003e#15944\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15940\"\u003e#15940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/472e7c7072e6696ead2cc06123b18a2068c1e04c\"\u003e\u003ccode\u003e472e7c7\u003c/code\u003e\u003c/a\u003e chore: release 8.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/17351494cd540ea60f24515f99e88506a95c5b8b\"\u003e\u003ccode\u003e1735149\u003c/code\u003e\u003c/a\u003e Merge branch '7.x' into 8.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/52278018019e8a331e1556bfc88c30c673404102\"\u003e\u003ccode\u003e5227801\u003c/code\u003e\u003c/a\u003e chore: release 7.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/b804e34e4d4cc670d7247fbd558c47412b4e5e01\"\u003e\u003ccode\u003eb804e34\u003c/code\u003e\u003c/a\u003e fix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/8d9a81f54a9b9fa8ae5f5091dda5b082437ad69b\"\u003e\u003ccode\u003e8d9a81f\u003c/code\u003e\u003c/a\u003e chore: release 8.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/f752854cee2000df5ca46c6bd961df86fc2461e7\"\u003e\u003ccode\u003ef752854\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15985\"\u003e#15985\u003c/a\u003e from Automattic/8.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/e7a57ed33ad1a96c03716edb2ec69546a656fffa\"\u003e\u003ccode\u003ee7a57ed\u003c/code\u003e\u003c/a\u003e avoid hardcoding dbName\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/62fc773b9cbede4c186187060b4562e9be9ae8ef\"\u003e\u003ccode\u003e62fc773\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15944\"\u003e#15944\u003c/a\u003e from Automattic/vkarpov15/\u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15940\"\u003egh-15940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/d859c1b9a587c5db79e949620051b3892dac83f8\"\u003e\u003ccode\u003ed859c1b\u003c/code\u003e\u003c/a\u003e remove duplicate strict mode check, unnecessary because if opts.strict is set...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/4660d6133ff585349bbf975cc147377fa85be3fb\"\u003e\u003ccode\u003e4660d61\u003c/code\u003e\u003c/a\u003e docs: add strict option to JSDoc re: code review comments\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Automattic/mongoose/compare/8.21.1...8.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4306df21e84332fc576e98c2de549347c06bfb76\"\u003e\u003ccode\u003e4306df2\u003c/code\u003e\u003c/a\u003e chore: add fun 88 sponsorship\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/931cc8f0106db4c9885403f85364b9e09ae1f6dc\"\u003e\u003ccode\u003e931cc8f\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.17.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/38ba1b3d2b0aa5ada0463a37a548feb83a84dfa1\"\u003e\u003ccode\u003e38ba1b3\u003c/code\u003e\u003c/a\u003e fix(fetch): support basic auth from URL (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32e2515f1e09b649723e4acd89d920df13eee77e\"\u003e\u003ccode\u003e32e2515\u003c/code\u003e\u003c/a\u003e fix: replace ternary side effect in script (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/030e7223831b0f562af3eb7501b24242c8a4c5ba\"\u003e\u003ccode\u003e030e722\u003c/code\u003e\u003c/a\u003e chore(deps): bump axios from 1.15.2 to 1.16.1 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ec63164ac6b7a1fcd6b742a8628d3fffe23ce001\"\u003e\u003ccode\u003eec63164\u003c/code\u003e\u003c/a\u003e chore: remove openspec (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3dec28f94ce29d396d5f2d9718805b47428dc7ab\"\u003e\u003ccode\u003e3dec28f\u003c/code\u003e\u003c/a\u003e fix(http): preserve TLS options for proxy tunnels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a2390a5c059342bcac2a5297728181dd9939f562\"\u003e\u003ccode\u003ea2390a5\u003c/code\u003e\u003c/a\u003e fix: correct isCancel type to narrow to CanceledError\u0026lt;T\u0026gt; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fa01b9255d71e72599826428bc6c60f34994c6ce\"\u003e\u003ccode\u003efa01b92\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump tmp from 0.2.5 to 0.2.7 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d2314a1ac29ce6723eb53e130b4a36617fd201c\"\u003e\u003ccode\u003e2d2314a\u003c/code\u003e\u003c/a\u003e fix: AxiosHeaders \u003ccode\u003etoJSON()\u003c/code\u003e return types (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.4.12 to 0.7.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(js): subagent tool calls tracking for latest claude agent sdk by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2463\"\u003elangchain-ai/langsmith-sdk#2463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.5 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2464\"\u003elangchain-ai/langsmith-sdk#2464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Respect traceRawHttp for tracing streaming AI SDK calls by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2466\"\u003elangchain-ai/langsmith-sdk#2466\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2467\"\u003elangchain-ai/langsmith-sdk#2467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add WebSocket transport for sandbox commands by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2443\"\u003elangchain-ai/langsmith-sdk#2443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for WebSocket transport layer by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2445\"\u003elangchain-ai/langsmith-sdk#2445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): use WebSocket transport by default with HTTP fallback by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2446\"\u003elangchain-ai/langsmith-sdk#2446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add CommandHandle for streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2450\"\u003elangchain-ai/langsmith-sdk#2450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for CommandHandle and sandbox streaming integration by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2448\"\u003elangchain-ai/langsmith-sdk#2448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(python): document sandbox streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2449\"\u003elangchain-ai/langsmith-sdk#2449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump google-cloud-aiplatform from 1.126.1 to 1.133.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2465\"\u003elangchain-ai/langsmith-sdk#2465\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix list commits endpoint for private prompts by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2479\"\u003elangchain-ai/langsmith-sdk#2479\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: persist failed trace payloads to disk for later replay by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2476\"\u003elangchain-ai/langsmith-sdk#2476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add native thread querying support by \u003ca href=\"https://github.com/ericdong-langchain\"\u003e\u003ccode\u003e@​ericdong-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2455\"\u003elangchain-ai/langsmith-sdk#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add raw response parsing for responses api to openai wrapper by \u003ca href=\"https://github.com/victorm-lc\"\u003e\u003ccode\u003e@​victorm-lc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2480\"\u003elangchain-ai/langsmith-sdk#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add integration and version num by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.5.7 by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2482\"\u003elangchain-ai/langsmith-sdk#2482\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(python): add sandbox exception types and client plumbing by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2442\"\u003elangchain-ai/langsmith-sdk#2442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py, claude agent sdk): Correctly parent spans in asyncio context by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2457\"\u003elangchain-ai/langsmith-sdk#2457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(py): Improve retry logic for tracing ops by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2459\"\u003elangchain-ai/langsmith-sdk#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2460\"\u003elangchain-ai/langsmith-sdk#2460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(claude agent sdk): rm debug logs by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2461\"\u003elangchain-ai/langsmith-sdk#2461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.6 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2462\"\u003elangchain-ai/langsmith-sdk#2462\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump chalk from 4.1.2 to 5.6.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2416\"\u003elangchain-ai/langsmith-sdk#2416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump \u003ccode\u003e@​jest/reporters\u003c/code\u003e from 29.7.0 to 30.2.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2417\"\u003elangchain-ai/langsmith-sdk#2417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 16 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2440\"\u003elangchain-ai/langsmith-sdk#2440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pandas-stubs from 2.3.3.251219 to 2.3.3.260113 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2404\"\u003elangchain-ai/langsmith-sdk#2404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group across 1 directory with 10 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2433\"\u003elangchain-ai/langsmith-sdk#2433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake zstandard optional by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2453\"\u003elangchain-ai/langsmith-sdk#2453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py/adk): fix multi-agent tracing by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2451\"\u003elangchain-ai/langsmith-sdk#2451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.5 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2456\"\u003elangchain-ai/langsmith-sdk#2456\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1fef3d59b3c14d76c1f2d9dedfaecb542fda477a\"\u003e\u003ccode\u003e1fef3d5\u003c/code\u003e\u003c/a\u003e fix: bump versions (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2482\"\u003e#2482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/f947fee76450caf6d267bff629b2fd7794e84dad\"\u003e\u003ccode\u003ef947fee\u003c/code\u003e\u003c/a\u003e fix: add integration and version num (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2481\"\u003e#2481\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/fd2811f0ffa3c14336f82057b9415accd22224c3\"\u003e\u003ccode\u003efd2811f\u003c/code\u003e\u003c/a\u003e feat: add raw response parsing for responses api to openai wrapper (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2480\"\u003e#2480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/f165a5fc94c990968a2e2e27c9b01e556a429d35\"\u003e\u003ccode\u003ef165a5f\u003c/code\u003e\u003c/a\u003e feat: add native thread querying support (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2455\"\u003e#2455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1fbe820e803a65f5fce1b16eee3780a81ec0249a\"\u003e\u003ccode\u003e1fbe820\u003c/code\u003e\u003c/a\u003e feat: persist failed trace payloads to disk for later replay (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2476\"\u003e#2476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ada8d848f97cd92eb9f2d361e7b6e3373a111d0d\"\u003e\u003ccode\u003eada8d84\u003c/code\u003e\u003c/a\u003e fix(js): Fix list commits endpoint for private prompts (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2479\"\u003e#2479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8226f422679a2a27ae55071267db9674f640de7b\"\u003e\u003ccode\u003e8226f42\u003c/code\u003e\u003c/a\u003e chore(deps): bump google-cloud-aiplatform from 1.126.1 to 1.133.0 in /python ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/fe5ea0cbd44b083d4e86887f79f0ddff5f9fec73\"\u003e\u003ccode\u003efe5ea0c\u003c/code\u003e\u003c/a\u003e docs(python): document sandbox streaming, kill, stdin, and reconnect (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2449\"\u003e#2449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/087431bd27c9abb68ab9fad4302b89db0b468ef7\"\u003e\u003ccode\u003e087431b\u003c/code\u003e\u003c/a\u003e test(python): add tests for CommandHandle and sandbox streaming integration (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/642148e977ebe3b6f3e7a6abe0f6872d278ad1c0\"\u003e\u003ccode\u003e642148e\u003c/code\u003e\u003c/a\u003e feat(python): add CommandHandle for streaming, kill, stdin, and reconnect (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2\"\u003e#2\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.12...v0.7.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 7.13.0 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eShip a subset of the official documentation inside the \u003ccode\u003ereact-router\u003c/code\u003e package (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15121\"\u003e#15121\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eMarkdown docs are now available in \u003ccode\u003enode_modules/react-router/docs\u003c/code\u003e, letting AI coding agents and the React Router agent skills read official docs locally\u003c/li\u003e\n\u003cli\u003eExcludes auto-generated API docs (\u003ccode\u003eapi/\u003c/code\u003e), \u003ccode\u003ecommunity/\u003c/code\u003e content, and tutorials (\u003ccode\u003etutorials/\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStabilize \u003ccode\u003efuture.unstable_trailingSlashAwareDataRequests\u003c/code\u003e as \u003ccode\u003efuture.v8_trailingSlashAwareDataRequests\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisable manifest path when lazy route dicovery is disabled (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15068\"\u003e#15068\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix browser URL creation to use the configured history window instead of the global window. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15066\"\u003e#15066\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePass the history/router window through to \u003ccode\u003ecreateBrowserURLImpl\u003c/code\u003e so custom window contexts keep the correct URL origin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003euseNavigation()\u003c/code\u003e return type to preserve discriminated union across navigation states (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15095\"\u003e#15095\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWiden \u003ccode\u003eMetaDescriptor\u003c/code\u003e \u003ccode\u003escript:ld+json\u003c/code\u003e type from \u003ccode\u003eLdJsonObject\u003c/code\u003e to \u003ccode\u003eLdJsonObject | LdJsonObject[]\u003c/code\u003e to permit multiple JSON-LD schemas in a single \u003ccode\u003e\u0026lt;script type=\u0026quot;application/ld+json\u0026quot;\u0026gt;\u003c/code\u003e tag emitted by \u003ccode\u003e\u0026lt;Meta /\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15082\"\u003e#15082\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eserverLoader()\u003c/code\u003e returning stale SSR data when a client navigation aborts pending hydration before the hydration \u003ccode\u003eclientLoader\u003c/code\u003e resolves (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15022\"\u003e#15022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRouterProvider\u003c/code\u003e \u003ccode\u003eonError\u003c/code\u003e callback not being called for synchronous initial loader errors in SPA mode (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15039\"\u003e#15039\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14942\"\u003e#14942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMemoize \u003ccode\u003euseFetchers\u003c/code\u003e to return a stable identity and only change if fetchers changed (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInternal refactor to consolidate mutation request detection through shared utility (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15033\"\u003e#15033\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnstable Changes\u003c/h3\u003e\n\u003cp\u003e⚠️ \u003cem\u003e\u003ca href=\"https://reactrouter.com/community/api-development-strategy#unstable-flags\"\u003eUnstable features\u003c/a\u003e are not recommended for production use\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a new \u003ccode\u003eunstable_useRouterState()\u003c/code\u003e hook that consolidates access to active and pending router states (RFC: \u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/12358\"\u003e#12358\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15017\"\u003e#15017\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eData/Framework/RSC only — throws when used without a data router\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThis should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003euseLocation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseSearchParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseMatches\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigationType\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/963affeb924f2256bd20c0c5c87e4c4b4fcbd188\"\u003e\u003ccode\u003e963affe\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97ef91d6f97e883d2d830fd1aef35ed3ae55e3a1\"\u003e\u003ccode\u003e97ef91d\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/c509c160d4258961ca0156ec083e35f3cf2bf97e\"\u003e\u003ccode\u003ec509c16\u003c/code\u003e\u003c/a\u003e Publish React Router docs in package (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15121\"\u003e#15121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/508d667460a3efd4b937cb67ca79494ea78960c4\"\u003e\u003ccode\u003e508d667\u003c/code\u003e\u003c/a\u003e docs: fix documentation accuracy issues (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15128\"\u003e#15128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/4099277ed68056bf480a4e0988b5a3bc685538cd\"\u003e\u003ccode\u003e4099277\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/582035467f34645521a2b272c3ec52906a495da4\"\u003e\u003ccode\u003e5820354\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8984d23f86ca7ae5655711744b77816090bda4e6\"\u003e\u003ccode\u003e8984d23\u003c/code\u003e\u003c/a\u003e Release v7.16.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15105\"\u003e#15105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d71025d9b86854180c995cb36fd3d28f58c459bf\"\u003e\u003ccode\u003ed71025d\u003c/code\u003e\u003c/a\u003e Stabilize trailing slash aware data requests (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6e21b638e1e692eaf19a8ff98ec05d28d5b23c70\"\u003e\u003ccode\u003e6e21b63\u003c/code\u003e\u003c/a\u003e fix: keep useNavigation() return type a discriminated union (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15095\"\u003e#15095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@7.17.0/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shell-quote` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md\"\u003eshell-quote's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ev1.8.4\u003c/a\u003e - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes \u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/ljh...\n\n_Description has been truncated_","html_url":"https://github.com/theunstopabble/TexFolio/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/theunstopabble%2FTexFolio/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4653642847","node_id":"PR_kwDOLOyHzc7l-sK0","number":10,"state":"open","title":"Bump the npm_and_yarn group across 3 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T00:56:44.000Z","updated_at":"2026-06-13T00:57:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"uuid","old_version":"9.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@tootallnate/once","old_version":"2.0.0","new_version":"2.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"lodash.template","old_version":"4.5.0","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"tar","old_version":"6.1.15","new_version":"6.2.1"},{"name":"esbuild","old_version":"0.27.7","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"langsmith","old_version":"0.3.87","new_version":"0.7.7"},{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /app directory: [uuid](https://github.com/uuidjs/uuid), [@tootallnate/once](https://github.com/TooTallNate/once) and [lodash.template](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 2 updates in the /examples/langchain-typescript-simple directory: [uuid](https://github.com/uuidjs/uuid) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /examples/typescript-functioncalling directory: [esbuild](https://github.com/evanw/esbuild).\n\nUpdates `uuid` from 9.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 2.0.0 to 2.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e@​tootallnate/once's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/v2.0.1/CHANGELOG.md\"\u003e@​tootallnate/once's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/bcbb21d387e5fb2d0bf8ec2fd8d0ac97d4553241\"\u003e\u003ccode\u003ebcbb21d\u003c/code\u003e\u003c/a\u003e ci: fix OIDC publishing — Node 24, npm latest, provenance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dc24387be8e3405f1e7c911caf76c87b72a0e145\"\u003e\u003ccode\u003edc24387\u003c/code\u003e\u003c/a\u003e Version Packages (2.x) (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b8a6f80afcfd2482b4bdb1e29d784340a05e0ce3\"\u003e\u003ccode\u003eb8a6f80\u003c/code\u003e\u003c/a\u003e CI: test all Node versions on Linux only\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dabcc0fb6202663cd83994f0a21ea1c710395327\"\u003e\u003ccode\u003edabcc0f\u003c/code\u003e\u003c/a\u003e ci: drop EOL Node.js 14.x/16.x, add 22.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b464efcf4238d92590245b4d211d2fc05a94d28a\"\u003e\u003ccode\u003eb464efc\u003c/code\u003e\u003c/a\u003e Update CI: modern Node versions, fix macOS ARM64 compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a1e5e2d784bcd1c65e49fac1524c6c94fe81f871\"\u003e\u003ccode\u003ea1e5e2d\u003c/code\u003e\u003c/a\u003e Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/2.0.0...v2.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash.template` from 4.5.0 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash.template's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.5.0...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 6.1.15 to 6.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bef7b1e4ffab822681fea2a9b22187192ed14717\"\u003e\u003ccode\u003ebef7b1e\u003c/code\u003e\u003c/a\u003e 6.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fe8cd57da5686f8695415414bda49206a545f7f7\"\u003e\u003ccode\u003efe8cd57\u003c/code\u003e\u003c/a\u003e prevent extraction in excessively deep subfolders\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fe7ebfdcede1f8a2e65db12e19ecc4b3a9934648\"\u003e\u003ccode\u003efe7ebfd\u003c/code\u003e\u003c/a\u003e remove security.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/5bc9d404e88c39870e0fbb55655a53de6fbf0a04\"\u003e\u003ccode\u003e5bc9d40\u003c/code\u003e\u003c/a\u003e 6.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fe1ef5ec87156ddadcec8b70cdec201f26665681\"\u003e\u003ccode\u003efe1ef5e\u003c/code\u003e\u003c/a\u003e changelog 6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/e483220935d931cf6b09292aba62170e68f36205\"\u003e\u003ccode\u003ee483220\u003c/code\u003e\u003c/a\u003e get rid of npm lint stuff\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/689928a0ba7d9b9014d88a5fa35261f9ae4ef2f3\"\u003e\u003ccode\u003e689928a\u003c/code\u003e\u003c/a\u003e ci that works outside of npm org\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/db6f53928650a04b340ecdc01db2d49937e5d63c\"\u003e\u003ccode\u003edb6f539\u003c/code\u003e\u003c/a\u003e file inference improvements for .tbr and .tgz\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/336fa8f27c44bec70d46a6482096af24c668ee16\"\u003e\u003ccode\u003e336fa8f\u003c/code\u003e\u003c/a\u003e refactor: dry and other pr comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/eeba22238736ed0832488efb3c515ada98073424\"\u003e\u003ccode\u003eeeba222\u003c/code\u003e\u003c/a\u003e chore: lint fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v6.1.15...v6.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `uuid`\n\nUpdates `esbuild` from 0.27.7 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.27.7...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.3.87 to 0.7.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(js): subagent tool calls tracking for latest claude agent sdk by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2463\"\u003elangchain-ai/langsmith-sdk#2463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.5 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2464\"\u003elangchain-ai/langsmith-sdk#2464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Respect traceRawHttp for tracing streaming AI SDK calls by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2466\"\u003elangchain-ai/langsmith-sdk#2466\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2467\"\u003elangchain-ai/langsmith-sdk#2467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add WebSocket transport for sandbox commands by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2443\"\u003elangchain-ai/langsmith-sdk#2443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for WebSocket transport layer by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2445\"\u003elangchain-ai/langsmith-sdk#2445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): use WebSocket transport by default with HTTP fallback by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2446\"\u003elangchain-ai/langsmith-sdk#2446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add CommandHandle for streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2450\"\u003elangchain-ai/langsmith-sdk#2450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for CommandHandle and sandbox streaming integration by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2448\"\u003elangchain-ai/langsmith-sdk#2448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(python): document sandbox streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2449\"\u003elangchain-ai/langsmith-sdk#2449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump google-cloud-aiplatform from 1.126.1 to 1.133.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2465\"\u003elangchain-ai/langsmith-sdk#2465\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix list commits endpoint for private prompts by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2479\"\u003elangchain-ai/langsmith-sdk#2479\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: persist failed trace payloads to disk for later replay by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2476\"\u003elangchain-ai/langsmith-sdk#2476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add native thread querying support by \u003ca href=\"https://github.com/ericdong-langchain\"\u003e\u003ccode\u003e@​ericdong-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2455\"\u003elangchain-ai/langsmith-sdk#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add raw response parsing for responses api to openai wrapper by \u003ca href=\"https://github.com/victorm-lc\"\u003e\u003ccode\u003e@​victorm-lc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2480\"\u003elangchain-ai/langsmith-sdk#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add integration and version num by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.5.7 by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2482\"\u003elangchain-ai/langsmith-sdk#2482\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(python): add sandbox exception types and client plumbing by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2442\"\u003elangchain-ai/langsmith-sdk#2442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py, claude agent sdk): Correctly parent spans in asyncio context by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2457\"\u003elangchain-ai/langsmith-sdk#2457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(py): Improve retry logic for tracing ops by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2459\"\u003elangchain-ai/langsmith-sdk#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2460\"\u003elangchain-ai/langsmith-sdk#2460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(claude agent sdk): rm debug logs by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2461\"\u003elangchain-ai/langsmith-sdk#2461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.6 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2462\"\u003elangchain-ai/langsmith-sdk#2462\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump chalk from 4.1.2 to 5.6.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2416\"\u003elangchain-ai/langsmith-sdk#2416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump \u003ccode\u003e@​jest/reporters\u003c/code\u003e from 29.7.0 to 30.2.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2417\"\u003elangchain-ai/langsmith-sdk#2417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 16 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2440\"\u003elangchain-ai/langsmith-sdk#2440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pandas-stubs from 2.3.3.251219 to 2.3.3.260113 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2404\"\u003elangchain-ai/langsmith-sdk#2404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group across 1 directory with 10 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2433\"\u003elangchain-ai/langsmith-sdk#2433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake zstandard optional by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2453\"\u003elangchain-ai/langsmith-sdk#2453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py/adk): fix multi-agent tracing by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2451\"\u003elangchain-ai/langsmith-sdk#2451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.5 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2456\"\u003elangchain-ai/langsmith-sdk#2456\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.27.7...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/HarleyCoops/ollama/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/HarleyCoops/ollama/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Follama/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4653143065","node_id":"PR_kwDOPbma_s7l9Elz","number":12,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T22:51:30.000Z","updated_at":"2026-06-12T23:01:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"langsmith","old_version":"0.3.49","new_version":"0.3.87","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"@hono/node-server","old_version":"1.17.1","new_version":"1.19.14","repository_url":"https://github.com/honojs/node-server"},{"name":"esbuild","old_version":"0.25.8","new_version":"0.25.12","repository_url":"https://github.com/evanw/esbuild"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"hono","old_version":"4.11.7","new_version":"4.12.25","repository_url":"https://github.com/honojs/hono"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"tar","old_version":"7.5.7","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the /docs/_scripts/js_translation/codeblocks directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.49` | `0.3.87` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.17.1` | `1.19.14` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.8` | `0.25.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [hono](https://github.com/honojs/hono) | `4.11.7` | `4.12.25` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.15` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.7` | `7.5.16` |\n\nBumps the npm_and_yarn group with 2 updates in the /libs/cli/js-examples directory: [flatted](https://github.com/WebReflection/flatted) and [picomatch](https://github.com/micromatch/picomatch).\n\nUpdates `langsmith` from 0.3.49 to 0.3.87\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.17.1 to 1.19.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.14\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add custom inspect to lightweight Request/Response to prevent TypeError on console.log by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/340\"\u003ehonojs/node-server#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b5e63a366d9b0ef62ac65fcafd7f69b383b03ff5\"\u003e\u003ccode\u003eb5e63a3\u003c/code\u003e\u003c/a\u003e 1.19.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c02d7770a2d29ea473403211bef0a60639885a28\"\u003e\u003ccode\u003ec02d777\u003c/code\u003e\u003c/a\u003e fix: add custom inspect to lightweight Request/Response to prevent TypeError ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.17.1...v1.19.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.8 to 0.25.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a minification regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4315\"\u003e#4315\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for \u003ccode\u003e@media \u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt; { ... }\u003c/code\u003e was missing an equality check for the \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the list of known JavaScript globals (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4310\"\u003e#4310\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global \u003ccode\u003eArray\u003c/code\u003e property is considered to be side-effect free but accessing the global \u003ccode\u003escrollY\u003c/code\u003e property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:\u003c/p\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2017/\"\u003eES2017\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAtomics\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSharedArrayBuffer\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2020/\"\u003eES2020\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBigInt64Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eBigUint64Array\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2021/\"\u003eES2021\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFinalizationRegistry\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eWeakRef\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2025/\"\u003eES2025\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eIterator\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNote that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from \u003ccode\u003eIterator\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// This can now be tree-shaken by esbuild:\nclass ExampleIterator extends Iterator {}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for the new \u003ccode\u003e@view-transition\u003c/code\u003e CSS rule (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4313\"\u003e#4313\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eWith this release, esbuild now has improved support for pretty-printing and minifying the new \u003ccode\u003e@view-transition\u003c/code\u003e rule (which esbuild was previously unaware of):\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@view-transition {\n  navigation: auto;\n  types: check;\n}\n\u003cp\u003e/* Old output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e { navigation: auto; types: check; }\u003c/p\u003e\n\u003cp\u003e/* New output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e {\u003cbr /\u003e\nnavigation: auto;\u003cbr /\u003e\ntypes: check;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.25.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a minification regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4315\"\u003e#4315\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for \u003ccode\u003e@media \u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt; { ... }\u003c/code\u003e was missing an equality check for the \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the list of known JavaScript globals (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4310\"\u003e#4310\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global \u003ccode\u003eArray\u003c/code\u003e property is considered to be side-effect free but accessing the global \u003ccode\u003escrollY\u003c/code\u003e property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:\u003c/p\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2017/\"\u003eES2017\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAtomics\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSharedArrayBuffer\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2020/\"\u003eES2020\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBigInt64Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eBigUint64Array\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2021/\"\u003eES2021\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFinalizationRegistry\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eWeakRef\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2025/\"\u003eES2025\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eIterator\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNote that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from \u003ccode\u003eIterator\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// This can now be tree-shaken by esbuild:\nclass ExampleIterator extends Iterator {}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for the new \u003ccode\u003e@view-transition\u003c/code\u003e CSS rule (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4313\"\u003e#4313\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eWith this release, esbuild now has improved support for pretty-printing and minifying the new \u003ccode\u003e@view-transition\u003c/code\u003e rule (which esbuild was previously unaware of):\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@view-transition {\n  navigation: auto;\n  types: check;\n}\n\u003cp\u003e/* Old output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e { navigation: auto; types: check; }\u003c/p\u003e\n\u003cp\u003e/* New output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e {\u003cbr /\u003e\nnavigation: auto;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/208f539945b145e7c9d6d844290f81c3fe5af320\"\u003e\u003ccode\u003e208f539\u003c/code\u003e\u003c/a\u003e publish 0.25.12 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/5f03afdd007f6626d4300afc7cbb5bf7c9554393\"\u003e\u003ccode\u003e5f03afd\u003c/code\u003e\u003c/a\u003e update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/6b2ee78d7f273d7ed4c4bb08b516939b373bcd67\"\u003e\u003ccode\u003e6b2ee78\u003c/code\u003e\u003c/a\u003e minify: remove css rules containing empty \u003ccode\u003e:is()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f361debd61ffa0ae2d810fbe0e4c9d39183ed4c6\"\u003e\u003ccode\u003ef361deb\u003c/code\u003e\u003c/a\u003e add some additional known static methods\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/07aa646bb2fd9c5eb1de804edf9eae5bd1617637\"\u003e\u003ccode\u003e07aa646\u003c/code\u003e\u003c/a\u003e automatically mark \u0026quot;RegExp.escape()\u0026quot; calls as pure\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9039c468258fd9a19eeaf5e05fd6a3d582b46d3a\"\u003e\u003ccode\u003e9039c46\u003c/code\u003e\u003c/a\u003e simplify some call expression checks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/188944dd946dd54d50bbe844dc22969b604589d0\"\u003e\u003ccode\u003e188944d\u003c/code\u003e\u003c/a\u003e add some additional known static methods\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d3c67f9e94267d06337d2e2e0d837844d2cac6bd\"\u003e\u003ccode\u003ed3c67f9\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4310\"\u003e#4310\u003c/a\u003e: add \u003ccode\u003eIterator\u003c/code\u003e and other known globals\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4a51f0b24d343d7ae5b7d5a3e5c3afce3f96a0f8\"\u003e\u003ccode\u003e4a51f0b\u003c/code\u003e\u003c/a\u003e fix: escape dev server breadcrumb hrefs properly (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4316\"\u003e#4316\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/26b29ed51ffe20730ffaf69921dbb53e27de464a\"\u003e\u003ccode\u003e26b29ed\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4315\"\u003e#4315\u003c/a\u003e: \u003ccode\u003e@media\u003c/code\u003e deduplication bug edge case\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.8...v0.25.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.5.3 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.5.3...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.11.7 to 4.12.25\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.25\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eCORS Middleware reflects any Origin with credentials when \u003ccode\u003eorigin\u003c/code\u003e defaults to the wildcard\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cors\u003c/code\u003e. Fixes the wildcard origin reflecting the request \u003ccode\u003eOrigin\u003c/code\u003e and sending \u003ccode\u003eAccess-Control-Allow-Credentials: true\u003c/code\u003e when \u003ccode\u003ecredentials: true\u003c/code\u003e is set without an explicit \u003ccode\u003eorigin\u003c/code\u003e, where any site a logged-in user visited could make credentialed cross-origin requests and read responses from cookie-authenticated endpoints. GHSA-88fw-hqm2-52qc\u003c/p\u003e\n\u003ch3\u003eBody Limit Middleware can be bypassed on AWS Lambda by understating \u003ccode\u003eContent-Length\u003c/code\u003e\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/body-limit\u003c/code\u003e on AWS Lambda (\u003ccode\u003ehono/aws-lambda\u003c/code\u003e, \u003ccode\u003ehono/lambda-edge\u003c/code\u003e). Fixes the request being built with the client-declared \u003ccode\u003eContent-Length\u003c/code\u003e while the body is delivered fully buffered, where a client could declare a small \u003ccode\u003eContent-Length\u003c/code\u003e with a much larger body and slip past the configured size limit. GHSA-rv63-4mwf-qqc2\u003c/p\u003e\n\u003ch3\u003ePath traversal in \u003ccode\u003eserve-static\u003c/code\u003e on Windows via encoded backslash (\u003ccode\u003e%5C\u003c/code\u003e)\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eserveStatic\u003c/code\u003e on Windows (Node, Bun, Deno adapters). Fixes the path guard allowing a lone backslash, where an encoded backslash (\u003ccode\u003e%5C\u003c/code\u003e) decoded to \u003ccode\u003e\\\u003c/code\u003e was treated as a separator by the Windows path resolver, letting a single URL segment escape into a middleware-guarded subtree. GHSA-wwfh-h76j-fc44\u003c/p\u003e\n\u003ch3\u003eAWS Lambda adapter merges multiple \u003ccode\u003eSet-Cookie\u003c/code\u003e headers into one value, dropping cookies on ALB single-header and Lattice\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/aws-lambda\u003c/code\u003e. Fixes multiple \u003ccode\u003eSet-Cookie\u003c/code\u003e response headers being joined into one comma-separated value for ALB single-header responses and VPC Lattice v2, where the value could not be split back into individual cookies and clients silently dropped or misparsed them. GHSA-j6c9-x7qj-28xf\u003c/p\u003e\n\u003ch3\u003eLambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/lambda-edge\u003c/code\u003e. Fixes repeated request headers being written with overwrite instead of append, where only the last value of a header such as \u003ccode\u003eX-Forwarded-For\u003c/code\u003e reached the application and the remaining values were silently dropped. GHSA-wgpf-jwqj-8h8p\u003c/p\u003e\n\u003ch2\u003ev4.12.24\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(contribution): simplifyAI Usage Policy by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4972\"\u003ehonojs/hono#4972\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove \u003ccode\u003e@​types/glob\u003c/code\u003e by \u003ca href=\"https://github.com/rtritto\"\u003e\u003ccode\u003e@​rtritto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4978\"\u003ehonojs/hono#4978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(bearer-auth): mention verifyToken in missing-options error message by \u003ca href=\"https://github.com/tan7vir\"\u003e\u003ccode\u003e@​tan7vir\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4987\"\u003ehonojs/hono#4987\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(language): Test/improve tests on languages middleware by \u003ca href=\"https://github.com/iNeoO\"\u003e\u003ccode\u003e@​iNeoO\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4980\"\u003ehonojs/hono#4980\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): expand \u0026quot;::\u0026quot; to eight zero groups by \u003ca href=\"https://github.com/youcefzemmar\"\u003e\u003ccode\u003e@​youcefzemmar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4973\"\u003ehonojs/hono#4973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clean up config files trailing comma, stale excludes, typesVersions gaps, jsr paths by \u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4982\"\u003ehonojs/hono#4982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(timing): Test/add test for middleware timing by \u003ca href=\"https://github.com/iNeoO\"\u003e\u003ccode\u003e@​iNeoO\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4991\"\u003ehonojs/hono#4991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): render the unspecified address binary as \u0026quot;::\u0026quot; by \u003ca href=\"https://github.com/sarathfrancis90\"\u003e\u003ccode\u003e@​sarathfrancis90\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4998\"\u003ehonojs/hono#4998\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.23...v4.12.24\"\u003ehttps://github.com/honojs/hono/compare/v4.12.23...v4.12.24\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.23\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(serve-static): normalize all backslashes in file paths, not just the first in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4962\"\u003ehonojs/hono#4962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(context): export the Context class publicly by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4543\"\u003ehonojs/hono#4543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(contribution): add AI Usage Policy by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4970\"\u003ehonojs/hono#4970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(compress): add contentTypeFilter option and \u003ccode\u003eCOMPRESSIBLE_CONTENT_TYPE_REGEX\u003c/code\u003e re-export by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4961\"\u003ehonojs/hono#4961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): do not compress a single 0 group to \u003ccode\u003e::\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4971\"\u003ehonojs/hono#4971\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.22...v4.12.23\"\u003ehttps://github.com/honojs/hono/compare/v4.12.22...v4.12.23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/fce483e11466b72d27e61d44523c7e6edeb19e50\"\u003e\u003ccode\u003efce483e\u003c/code\u003e\u003c/a\u003e 4.12.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/751ba41ba26dff20351a13964c07627ddcf382b6\"\u003e\u003ccode\u003e751ba41\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f0b094db8474696344d98e5665a4ac2a6d5f346e\"\u003e\u003ccode\u003ef0b094d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/fa5f9bfcc25d65e08af85211cc2e5ecd0e0ea24b\"\u003e\u003ccode\u003efa5f9bf\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/3892a6c2b54f974505de41013fcac88a71908e3d\"\u003e\u003ccode\u003e3892a6c\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/74c2cf8ef4f5cc29a876380df1ba230ff7128b3f\"\u003e\u003ccode\u003e74c2cf8\u003c/code\u003e\u003c/a\u003e test(aws-lambda): update integration tests (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/5012\"\u003e#5012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7ae7cbae5d0ed8a40e8b9cc353e13175b9d7e3e1\"\u003e\u003ccode\u003e7ae7cba\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/1b1384815485f9d6590c6966e23a06fd07166cb7\"\u003e\u003ccode\u003e1b13848\u003c/code\u003e\u003c/a\u003e chore(ci): bump codecov-action to v7.0.0 (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/5011\"\u003e#5011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/5fdde5ab5a7d7c89eba4d1ceab76f4a7c011cd3b\"\u003e\u003ccode\u003e5fdde5a\u003c/code\u003e\u003c/a\u003e 4.12.24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c78932d745cdf6284ae131a156479ac930da0262\"\u003e\u003ccode\u003ec78932d\u003c/code\u003e\u003c/a\u003e fix(utils/ipaddr): render the unspecified address binary as \u0026quot;::\u0026quot; (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4998\"\u003e#4998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.11.7...v4.12.25\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.7 to 7.5.16\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/cf213384ac558b539c07c830ed7cca5ffc9e8550\"\u003e\u003ccode\u003ecf21338\u003c/code\u003e\u003c/a\u003e 7.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/21a822027658c8063542be330530bbecdf0dbbfe\"\u003e\u003ccode\u003e21a8220\u003c/code\u003e\u003c/a\u003e do not apply PAX header fields to meta entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/52632cf38fdbdbbc7ab86184d68a85b11fdb0970\"\u003e\u003ccode\u003e52632cf\u003c/code\u003e\u003c/a\u003e update project deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/302f51ff3f8eefeccc06be4caf7d0de9b7c321d7\"\u003e\u003ccode\u003e302f51f\u003c/code\u003e\u003c/a\u003e fix inconsequential typo in PENDINGLINKS symbol name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/55dbb99b27640bb12b2ac059b26883c23523b3e3\"\u003e\u003ccode\u003e55dbb99\u003c/code\u003e\u003c/a\u003e remove some uses of mutate-fs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GlacierEQ/langgraph/network/alerts).\n\n\u003c/details\u003e\n\n---\n\n🔧 This PR updates 10 npm dependencies across two directories, bringing security fixes, performance improvements, and bug fixes to the project's JavaScript toolchain and runtime dependencies.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Security Updates**: Multiple packages include critical security fixes, particularly `picomatch` (CVE-2026-33671, CVE-2026-33672), `flatted` (CWE-1321), and `hono` (CORS, body limit, path traversal fixes)\n- **Build Tools**: Updated `esbuild` (0.25.8→0.25.12) with CSS media query fixes and improved tree-shaking for newer JavaScript globals\n- **Performance Improvements**: `postcss` (8.5.6→8.5.15) includes declaration parsing optimizations and XSS protection fixes\n- **Framework Updates**: Major version bump for `hono` (4.11.7→4.12.25) and `@hono/node-server` (1.17.1→1.19.14) with multiple security and stability improvements\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 10 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Performance Issues Detected]\n    C --\u003e E[Update picomatch, flatted, hono]\n    D --\u003e F[Update esbuild, postcss]\n    E --\u003e G[Apply Security Patches]\n    F --\u003e H[Apply Performance Fixes]\n    G --\u003e I[Updated yarn.lock Files]\n    H --\u003e I\n    I --\u003e J[Two Directories Updated]\n    J --\u003e K[/docs/_scripts/js_translation/codeblocks]\n    J --\u003e L[/libs/cli/js-examples]\n```\n\n### Impact\n- **Security Enhancement**: Resolves multiple CVEs and security advisories, particularly around CORS bypass, path traversal, and prototype pollution vulnerabilities\n- **Performance Optimization**: Improved CSS parsing performance in PostCSS and better tree-shaking capabilities in esbuild for modern JavaScript features\n- **Stability Improvements**: Bug fixes in HTTP handling, request processing, and file serving across the Hono ecosystem\n- **Maintenance**: Keeps dependencies current with latest patches, reducing technical debt and ensuring compatibility with modern JavaScript standards\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate JS dependencies in `docs/_scripts/js_translation/codeblocks` and `libs/cli/js-examples` to apply security patches and performance fixes. Key bumps include `hono` 4.12.25, `@hono/node-server` 1.19.14, `esbuild` 0.25.12, `postcss` 8.5.15, `langsmith` 0.3.87, and more.\n\n- **Dependencies**\n  - Security: `hono` (CORS, body limit, path traversal), `@hono/node-server` (static middleware bypass), `picomatch` 2.3.2, `flatted` 3.4.2, `tar` 7.5.16.\n  - Build/Perf: `esbuild` 0.25.12 (CSS/media queries, tree-shaking), `postcss` 8.5.15 (parsing perf, XSS fix), `fast-xml-parser` 4.5.6.\n  - Other fixes: `minimatch` 3.1.5, `hono` runtime improvements, `langsmith` 0.3.87.\n  - Scope: lockfile-only updates; no app code changes expected.\n\n\u003csup\u003eWritten for commit c920189b45933ecc3d7af8ec50d63568ce339d7d. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/GlacierEQ/langgraph/pull/12?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/GlacierEQ/langgraph/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Flanggraph/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4635841716","node_id":"PR_kwDOR4ZFgs7lFerK","number":976,"state":"open","title":"chore(deps-dev): bump the dev-dependencies group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T23:32:33.000Z","updated_at":"2026-06-10T23:33:11.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): bump","group_name":"dev-dependencies","update_count":4,"packages":[{"name":"turbo","old_version":"2.9.17","new_version":"2.9.18","repository_url":"https://github.com/vercel/turborepo"},{"name":"@types/node","old_version":"25.9.2","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"langsmith","old_version":"0.7.5","new_version":"0.7.6","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"@cloudflare/workers-types","old_version":"4.20260609.1","new_version":"4.20260610.1","repository_url":"https://github.com/cloudflare/workerd"}],"path":null,"ecosystem":"npm"},"body":"Bumps the dev-dependencies group with 4 updates in the / directory: [turbo](https://github.com/vercel/turborepo), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [@cloudflare/workers-types](https://github.com/cloudflare/workerd).\n\nUpdates `turbo` from 2.9.17 to 2.9.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.18\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.17 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13047\"\u003evercel/turborepo#13047\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Fetch version.txt via API in docs alias failure notification by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13050\"\u003evercel/turborepo#13050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden cache archive symlink restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13051\"\u003evercel/turborepo#13051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove web UI mode by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13052\"\u003evercel/turborepo#13052\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden query server file access by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13053\"\u003evercel/turborepo#13053\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Confine prune patch paths by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13054\"\u003evercel/turborepo#13054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Prevent git argument injection in SCM refs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13055\"\u003evercel/turborepo#13055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Strip special mode bits from cache restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13056\"\u003evercel/turborepo#13056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Contain incremental cache outputs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13057\"\u003evercel/turborepo#13057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(turborepo): Normalize Windows daemon path hash by \u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Preserve vt100 cell byte counts by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13058\"\u003evercel/turborepo#13058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Separate artifact signature fields by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13059\"\u003evercel/turborepo#13059\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate OidHash hex buffers by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13060\"\u003evercel/turborepo#13060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Block self-hosted login URLs from attempting to use Vercel's SSO by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13061\"\u003evercel/turborepo#13061\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3bdce3277d2e61cdbf29f244a515dd4b896d2556\"\u003e\u003ccode\u003e3bdce32\u003c/code\u003e\u003c/a\u003e publish 2.9.18 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/2a76556b9457c514fa597a09fef23da2e1250c8c\"\u003e\u003ccode\u003e2a76556\u003c/code\u003e\u003c/a\u003e fix: Block self-hosted login URLs from attempting to use Vercel's SSO (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13061\"\u003e#13061\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/da8e3487acce10039425180c42875d7ccc484ed5\"\u003e\u003ccode\u003eda8e348\u003c/code\u003e\u003c/a\u003e fix: Validate OidHash hex buffers (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13060\"\u003e#13060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3018717c28fc8f1ecffa2c92e3260be0dc0165aa\"\u003e\u003ccode\u003e3018717\u003c/code\u003e\u003c/a\u003e fix: Separate artifact signature fields (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13059\"\u003e#13059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/34514e278822ccbe3a083730b7032709ef16f85c\"\u003e\u003ccode\u003e34514e2\u003c/code\u003e\u003c/a\u003e fix: Preserve vt100 cell byte counts (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13058\"\u003e#13058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/24e2d3498f54fa1f8b729f18764f63cb05072bc6\"\u003e\u003ccode\u003e24e2d34\u003c/code\u003e\u003c/a\u003e fix(turborepo): Normalize Windows daemon path hash (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13020\"\u003e#13020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/16dc881cabf5c13d02c27a5d7cfdfeb60736206c\"\u003e\u003ccode\u003e16dc881\u003c/code\u003e\u003c/a\u003e fix: Contain incremental cache outputs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13057\"\u003e#13057\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/92e1f8e5365ea5a95e47c3698deb2f7adaa55eba\"\u003e\u003ccode\u003e92e1f8e\u003c/code\u003e\u003c/a\u003e fix: Strip special mode bits from cache restore (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13056\"\u003e#13056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/f46f896ef414823582131304c9749e9be011fe37\"\u003e\u003ccode\u003ef46f896\u003c/code\u003e\u003c/a\u003e fix: Prevent git argument injection in SCM refs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13055\"\u003e#13055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/7f353ca3a6f28fbbcce931aeab7be0efe718c466\"\u003e\u003ccode\u003e7f353ca\u003c/code\u003e\u003c/a\u003e fix: Confine prune patch paths (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13054\"\u003e#13054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.2 to 25.9.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.7.5 to 0.7.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(python): add sandbox exception types and client plumbing by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2442\"\u003elangchain-ai/langsmith-sdk#2442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py, claude agent sdk): Correctly parent spans in asyncio context by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2457\"\u003elangchain-ai/langsmith-sdk#2457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(py): Improve retry logic for tracing ops by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2459\"\u003elangchain-ai/langsmith-sdk#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2460\"\u003elangchain-ai/langsmith-sdk#2460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(claude agent sdk): rm debug logs by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2461\"\u003elangchain-ai/langsmith-sdk#2461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.6 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2462\"\u003elangchain-ai/langsmith-sdk#2462\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/22a048477ae08ff8adace5398551d287e1722891\"\u003e\u003ccode\u003e22a0484\u003c/code\u003e\u003c/a\u003e release(py): 0.7.6 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2462\"\u003e#2462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/01acee8618311b8b67768bb46bf8c44dba577402\"\u003e\u003ccode\u003e01acee8\u003c/code\u003e\u003c/a\u003e chore(claude agent sdk): rm debug logs (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2461\"\u003e#2461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/4e366c4685da981055923fad3e21d0a913525ed7\"\u003e\u003ccode\u003e4e366c4\u003c/code\u003e\u003c/a\u003e feat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/4e255078534c6d24b827774a4b6896c4acb289f0\"\u003e\u003ccode\u003e4e25507\u003c/code\u003e\u003c/a\u003e perf(py): Improve retry logic for tracing ops (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2459\"\u003e#2459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/daa0330affcfac9231c1f5c573976b222e0c3735\"\u003e\u003ccode\u003edaa0330\u003c/code\u003e\u003c/a\u003e fix(py, claude agent sdk): Correctly parent spans in asyncio context (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2457\"\u003e#2457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/070a20719ae3ca50db54860b4fc62a9f20ff7a40\"\u003e\u003ccode\u003e070a207\u003c/code\u003e\u003c/a\u003e feat(python): add sandbox exception types and client plumbing (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2442\"\u003e#2442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@cloudflare/workers-types` from 4.20260609.1 to 4.20260610.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cloudflare/workerd/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/AgentsKit-io/agentskit/pull/976","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AgentsKit-io%2Fagentskit/issues/976","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/976/packages"},{"uuid":"4585237947","node_id":"PR_kwDORs2SxM7if2cJ","number":80,"state":"closed","title":"chore(deps): bump langsmith from 0.5.12 to 0.7.4","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-08T20:44:47.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-04T02:24:57.000Z","updated_at":"2026-06-08T20:44:49.000Z","time_to_close":411590,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"langsmith","old_version":"0.5.12","new_version":"0.7.4","repository_url":"https://github.com/langchain-ai/langsmith-sdk"}],"path":null,"ecosystem":"npm"},"body":"Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.5.12 to 0.7.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(google-adk): add wrapt dependency by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2436\"\u003elangchain-ai/langsmith-sdk#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: lock dependencies by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2439\"\u003elangchain-ai/langsmith-sdk#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.4 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2441\"\u003elangchain-ai/langsmith-sdk#2441\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith\u0026package-manager=npm_and_yarn\u0026previous-version=0.5.12\u0026new-version=0.7.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/el-musleh/Go-Fish/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/el-musleh/Go-Fish/pull/80","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/el-musleh%2FGo-Fish/issues/80","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/80/packages"},{"uuid":"4581863151","node_id":"PR_kwDOPHQ0Fc7iUmOu","number":679,"state":"closed","title":"deps(deps): bump the prod-misc group across 1 directory with 21 updates","user":"dependabot[bot]","labels":["dependencies","automated","npm"],"assignees":["shchilkin"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-07T22:51:42.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-03T16:45:38.000Z","updated_at":"2026-06-07T22:51:44.000Z","time_to_close":367564,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps): bump","group_name":"prod-misc","update_count":21,"packages":[{"name":"@tanstack/react-query","old_version":"5.100.14","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"bullmq","old_version":"5.77.3","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ioredis","old_version":"5.10.1","new_version":"5.11.1","repository_url":"https://github.com/luin/ioredis"},{"name":"tsx","old_version":"4.22.3","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"fumadocs-core","old_version":"16.9.1","new_version":"16.9.3","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-mdx","old_version":"15.0.8","new_version":"15.0.10","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-ui","old_version":"16.9.1","new_version":"16.9.3","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"xstate","old_version":"5.31.1","new_version":"5.32.0","repository_url":"https://github.com/statelyai/xstate"},{"name":"@types/estree","old_version":"1.0.8","new_version":"1.0.9","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"baseline-browser-mapping","old_version":"2.10.32","new_version":"2.10.33","repository_url":"https://github.com/web-platform-dx/baseline-browser-mapping"},{"name":"hasown","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/inspect-js/hasOwn"},{"name":"js-yaml","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"langsmith","old_version":"0.7.2","new_version":"0.7.4","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"property-information","old_version":"7.1.0","new_version":"7.2.0","repository_url":"https://github.com/wooorm/property-information"},{"name":"shiki","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/shikijs/shiki"},{"name":"tinyglobby","old_version":"0.2.16","new_version":"0.2.17","repository_url":"https://github.com/SuperchupuDev/tinyglobby"},{"name":"vite","old_version":"8.0.14","new_version":"8.0.16","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the prod-misc group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.14` | `5.101.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.77.3` | `5.78.0` |\n| [ioredis](https://github.com/luin/ioredis) | `5.10.1` | `5.11.1` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.22.3` | `4.22.4` |\n| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.9.1` | `16.9.3` |\n| [fumadocs-mdx](https://github.com/fuma-nama/fumadocs) | `15.0.8` | `15.0.10` |\n| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.9.1` | `16.9.3` |\n| [xstate](https://github.com/statelyai/xstate) | `5.31.1` | `5.32.0` |\n| [@types/estree](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/estree) | `1.0.8` | `1.0.9` |\n| [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) | `2.10.32` | `2.10.33` |\n| [hasown](https://github.com/inspect-js/hasOwn) | `2.0.3` | `2.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.7.2` | `0.7.4` |\n| [property-information](https://github.com/wooorm/property-information) | `7.1.0` | `7.2.0` |\n| [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.1.0` | `4.2.0` |\n| [tinyglobby](https://github.com/SuperchupuDev/tinyglobby) | `0.2.16` | `0.2.17` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.14` | `8.0.16` |\n\n\nUpdates `@tanstack/react-query` from 5.100.14 to 5.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/3042860e3c8731c94ca4dec0e277e415d0484fce\"\u003e\u003ccode\u003e3042860\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/TanStack/query/commit/e631dc3fa17bff71f413246b7a770a730016d346\"\u003e\u003ccode\u003ee631dc3\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10857\"\u003e#10857\u003c/a\u003e \u003ca href=\"https://github.com/TanStack/query/commit/7cf5923308fb91f3eff0fe952d8c64676e2bdad7\"\u003e\u003ccode\u003e7cf5923\u003c/code\u003e\u003c/a\u003e - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a\"\u003e\u003ccode\u003ef3d8d2a\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10774\"\u003e#10774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324\"\u003e\u003ccode\u003e532bb29\u003c/code\u003e\u003c/a\u003e fix(tests): disable local coverage instrumentation (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bullmq` from 5.77.3 to 5.78.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/taskforcesh/bullmq/releases\"\u003ebullmq's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.78.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.7...v5.78.0\"\u003e5.78.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erust:\u003c/strong\u003e initial implementation of rust support (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4200\"\u003e#4200\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/38798cc212e450f6369da3714c20eeced5a523a9\"\u003e38798cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.6...v5.77.7\"\u003e5.77.7\u003c/a\u003e (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency msgpackr to v2.0.2 [security] (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4202\"\u003e#4202\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/fbe04af1b3e9c7c9683229544914a54c5bb1f8d8\"\u003efbe04af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.5...v5.77.6\"\u003e5.77.6\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e81709e4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.4...v5.77.5\"\u003e5.77.5\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnection:\u003c/strong\u003e handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e411690e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.3...v5.77.4\"\u003e5.77.4\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ededuplication:\u003c/strong\u003e preserve custom jobId when requeuing keepLastIfActive proto-jobs (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4190\"\u003e#4190\u003c/a\u003e) fixes \u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4030\"\u003e#4030\u003c/a\u003e (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e6e4972e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/38798cc212e450f6369da3714c20eeced5a523a9\"\u003e\u003ccode\u003e38798cc\u003c/code\u003e\u003c/a\u003e feat(rust): initial implementation of rust support (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4200\"\u003e#4200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/a45e0d944255fb600dfb005a4f829c8999478349\"\u003e\u003ccode\u003ea45e0d9\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.7 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4203\"\u003e#4203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/fbe04af1b3e9c7c9683229544914a54c5bb1f8d8\"\u003e\u003ccode\u003efbe04af\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency msgpackr to v2.0.2 [security] (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4202\"\u003e#4202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/63c4054ab34d85c7c8d1fb620776d44aca45ae67\"\u003e\u003ccode\u003e63c4054\u003c/code\u003e\u003c/a\u003e chore(deps): update eslint to v8.60.0 [security] (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4192\"\u003e#4192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/d2c98509c5cab911d3d40de5a13668791473dbbc\"\u003e\u003ccode\u003ed2c9850\u003c/code\u003e\u003c/a\u003e chore(release): v5.77.6 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4199\"\u003e#4199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/1c99570ee26407bc6e6b3796a9989304affa624d\"\u003e\u003ccode\u003e1c99570\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.5 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4198\"\u003e#4198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e\u003ccode\u003e81709e4\u003c/code\u003e\u003c/a\u003e fix(types): change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e\u003ccode\u003e411690e\u003c/code\u003e\u003c/a\u003e fix(connection): handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/e7d7d874f615cc06a581332f3a6fb6db22da4fb9\"\u003e\u003ccode\u003ee7d7d87\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.4 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4197\"\u003e#4197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e\u003ccode\u003e6e4972e\u003c/code\u003e\u003c/a\u003e fix(deduplication): preserve custom jobId when requeuing keepLastIfActive pro...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.3...v5.78.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ioredis` from 5.10.1 to 5.11.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/luin/ioredis/releases\"\u003eioredis's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.11.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.11.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/redis/ioredis/blob/main/CHANGELOG.md\"\u003eioredis's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/fb224a7609b6d25959e06e31fdab2460d1f75691\"\u003e\u003ccode\u003efb224a7\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e\u003ccode\u003e131ee24\u003c/code\u003e\u003c/a\u003e fix: parse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003e\u003ccode\u003ec84b2ee\u003c/code\u003e\u003c/a\u003e fix(cluster): reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/14904327fc212d1f592172d776ebe45178fb7ee7\"\u003e\u003ccode\u003e1490432\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/5359d4d090c17f2ca1e86d92b139cd935ba4643d\"\u003e\u003ccode\u003e5359d4d\u003c/code\u003e\u003c/a\u003e refactor(utils): inline defaults and isArguments helpers (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2107\"\u003e#2107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003e\u003ccode\u003eb7b3def\u003c/code\u003e\u003c/a\u003e feat: add vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/faa53fdfae7f605c19bd74564639640f9d30d404\"\u003e\u003ccode\u003efaa53fd\u003c/code\u003e\u003c/a\u003e ci: update Node.js and Redis test matrix (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2119\"\u003e#2119\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e\u003ccode\u003e37d0695\u003c/code\u003e\u003c/a\u003e feat: add increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/612ee9dfe96c1df942eaa415ca94881077191b5c\"\u003e\u003ccode\u003e612ee9d\u003c/code\u003e\u003c/a\u003e chore: update Redis 8.8 test image to custom (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2118\"\u003e#2118\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003e\u003ccode\u003ebaf68d6\u003c/code\u003e\u003c/a\u003e feat: add array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tsx` from 4.22.3 to 4.22.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/privatenumber/tsx/releases\"\u003etsx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003e4.22.4\u003c/a\u003e (2026-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e1ce8463\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.4\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e\u003ccode\u003e1ce8463\u003c/code\u003e\u003c/a\u003e fix: resolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-core` from 16.9.1 to 16.9.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-core@16.9.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e42f0255: Support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003ea807798: Improve source API utils \u0026amp; types\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/34b75a0cfb8fd345f0ad04799630f8b329c2fe92\"\u003e\u003ccode\u003e34b75a0\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3324\"\u003e#3324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/73b9cec605ecd7f17b7faff8e9aafdb0d1ecab71\"\u003e\u003ccode\u003e73b9cec\u003c/code\u003e\u003c/a\u003e docs: fix build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/d35d0d6a43492f8a185889d92fa8af8a991761f2\"\u003e\u003ccode\u003ed35d0d6\u003c/code\u003e\u003c/a\u003e fix(mdx): respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a9f95ffbd913deac945bb420b6fb77589b7a7c8d\"\u003e\u003ccode\u003ea9f95ff\u003c/code\u003e\u003c/a\u003e chore: bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/783c048904305b4769293b047c27f9bd2ad9e31f\"\u003e\u003ccode\u003e783c048\u003c/code\u003e\u003c/a\u003e fix(preview): fix invalid content type in \u003ccode\u003e/img\u003c/code\u003e endpoint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/42f02559dabd35137b28c29597c10bd7dad90fea\"\u003e\u003ccode\u003e42f0255\u003c/code\u003e\u003c/a\u003e feat(core): support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a8077981c657305fe72b4db859768d4daa4f0488\"\u003e\u003ccode\u003ea807798\u003c/code\u003e\u003c/a\u003e fix(core): improve source API utils \u0026amp; types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8b1701942c336148141b9a8dd80bb110a4227f70\"\u003e\u003ccode\u003e8b17019\u003c/code\u003e\u003c/a\u003e docs: document LLM_GATEWAY_MODEL for Ask AI (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3319\"\u003e#3319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/cad622e541bdd38d552224f621f7ec1f5a257e25\"\u003e\u003ccode\u003ecad622e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3318\"\u003e#3318\u003c/a\u003e from smakosh/feat/llmgateway-ai-provider\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/ee98724b9a13df85331016f1f7079e4e41d82e40\"\u003e\u003ccode\u003eee98724\u003c/code\u003e\u003c/a\u003e fix(openapi): newer scalar client\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-core@16.9.1...fumadocs-core@16.9.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-mdx` from 15.0.8 to 15.0.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-mdx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-mdx@15.0.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed35d0d6: Respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [42f0255]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [a807798]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecd04425: Support \u003ccode\u003e_fumadocs_skipViteConfig\u003c/code\u003e internal flag\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/34b75a0cfb8fd345f0ad04799630f8b329c2fe92\"\u003e\u003ccode\u003e34b75a0\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3324\"\u003e#3324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/73b9cec605ecd7f17b7faff8e9aafdb0d1ecab71\"\u003e\u003ccode\u003e73b9cec\u003c/code\u003e\u003c/a\u003e docs: fix build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/d35d0d6a43492f8a185889d92fa8af8a991761f2\"\u003e\u003ccode\u003ed35d0d6\u003c/code\u003e\u003c/a\u003e fix(mdx): respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a9f95ffbd913deac945bb420b6fb77589b7a7c8d\"\u003e\u003ccode\u003ea9f95ff\u003c/code\u003e\u003c/a\u003e chore: bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/783c048904305b4769293b047c27f9bd2ad9e31f\"\u003e\u003ccode\u003e783c048\u003c/code\u003e\u003c/a\u003e fix(preview): fix invalid content type in \u003ccode\u003e/img\u003c/code\u003e endpoint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/42f02559dabd35137b28c29597c10bd7dad90fea\"\u003e\u003ccode\u003e42f0255\u003c/code\u003e\u003c/a\u003e feat(core): support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a8077981c657305fe72b4db859768d4daa4f0488\"\u003e\u003ccode\u003ea807798\u003c/code\u003e\u003c/a\u003e fix(core): improve source API utils \u0026amp; types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8b1701942c336148141b9a8dd80bb110a4227f70\"\u003e\u003ccode\u003e8b17019\u003c/code\u003e\u003c/a\u003e docs: document LLM_GATEWAY_MODEL for Ask AI (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3319\"\u003e#3319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/cad622e541bdd38d552224f621f7ec1f5a257e25\"\u003e\u003ccode\u003ecad622e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3318\"\u003e#3318\u003c/a\u003e from smakosh/feat/llmgateway-ai-provider\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/ee98724b9a13df85331016f1f7079e4e41d82e40\"\u003e\u003ccode\u003eee98724\u003c/code\u003e\u003c/a\u003e fix(openapi): newer scalar client\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-mdx@15.0.8...fumadocs-mdx@15.0.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-ui` from 16.9.1 to 16.9.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-ui's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-ui@16.9.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [42f0255]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [a807798]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/34b75a0cfb8fd345f0ad04799630f8b329c2fe92\"\u003e\u003ccode\u003e34b75a0\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3324\"\u003e#3324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/73b9cec605ecd7f17b7faff8e9aafdb0d1ecab71\"\u003e\u003ccode\u003e73b9cec\u003c/code\u003e\u003c/a\u003e docs: fix build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/d35d0d6a43492f8a185889d92fa8af8a991761f2\"\u003e\u003ccode\u003ed35d0d6\u003c/code\u003e\u003c/a\u003e fix(mdx): respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a9f95ffbd913deac945bb420b6fb77589b7a7c8d\"\u003e\u003ccode\u003ea9f95ff\u003c/code\u003e\u003c/a\u003e chore: bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/783c048904305b4769293b047c27f9bd2ad9e31f\"\u003e\u003ccode\u003e783c048\u003c/code\u003e\u003c/a\u003e fix(preview): fix invalid content type in \u003ccode\u003e/img\u003c/code\u003e endpoint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/42f02559dabd35137b28c29597c10bd7dad90fea\"\u003e\u003ccode\u003e42f0255\u003c/code\u003e\u003c/a\u003e feat(core): support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a8077981c657305fe72b4db859768d4daa4f0488\"\u003e\u003ccode\u003ea807798\u003c/code\u003e\u003c/a\u003e fix(core): improve source API utils \u0026amp; types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8b1701942c336148141b9a8dd80bb110a4227f70\"\u003e\u003ccode\u003e8b17019\u003c/code\u003e\u003c/a\u003e docs: document LLM_GATEWAY_MODEL for Ask AI (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3319\"\u003e#3319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/cad622e541bdd38d552224f621f7ec1f5a257e25\"\u003e\u003ccode\u003ecad622e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3318\"\u003e#3318\u003c/a\u003e from smakosh/feat/llmgateway-ai-provider\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/ee98724b9a13df85331016f1f7079e4e41d82e40\"\u003e\u003ccode\u003eee98724\u003c/code\u003e\u003c/a\u003e fix(openapi): newer scalar client\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-ui@16.9.1...fumadocs-ui@16.9.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.16.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4376\"\u003elucide-icons/lucide#4376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(repo): Update issue templates and documentation for package ren… by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4379\"\u003elucide-icons/lucide#4379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Adds survey overlay to website by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4380\"\u003elucide-icons/lucide#4380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Certificate dev links by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4390\"\u003elucide-icons/lucide#4390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003emartini\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4335\"\u003elucide-icons/lucide#4335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4386\"\u003elucide-icons/lucide#4386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4404\"\u003elucide-icons/lucide#4404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump devalue from 5.8.0 to 5.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4391\"\u003elucide-icons/lucide#4391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ws from 8.18.0 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4392\"\u003elucide-icons/lucide#4392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(gh-icon): limit icon size to a maximum of 256 pixels by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4398\"\u003elucide-icons/lucide#4398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dependencies): Update dependencies by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4377\"\u003elucide-icons/lucide#4377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(copilot): Adding copilot instructions by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4407\"\u003elucide-icons/lucide#4407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003eglobe-check\u003c/code\u003e by \u003ca href=\"https://github.com/Barakudum\"\u003e\u003ccode\u003e@​Barakudum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4342\"\u003elucide-icons/lucide#4342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(metadata): Require use-cases in meta json by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4321\"\u003elucide-icons/lucide#4321\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eparasol\u003c/code\u003e icon by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4347\"\u003elucide-icons/lucide#4347\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.17.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `xstate` from 5.31.1 to 5.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/statelyai/xstate/releases\"\u003exstate's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003exstate@5.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/statelyai/xstate/pull/5512\"\u003e#5512\u003c/a\u003e \u003ca href=\"https://github.com/statelyai/xstate/commit/063416db859581b91fd661ae1a89b75a37fffa69\"\u003e\u003ccode\u003e063416d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/davidkpiano\"\u003e\u003ccode\u003e@​davidkpiano\u003c/code\u003e\u003c/a\u003e! - Export \u003ccode\u003eInspectedTransitionEvent\u003c/code\u003e from \u003ccode\u003exstate\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/statelyai/xstate/commit/ddca0ff8c53dc2e85f9173514cc686308d65bd2c\"\u003e\u003ccode\u003eddca0ff\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/statelyai/xstate/issues/5529\"\u003e#5529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/statelyai/xstate/commit/063416db859581b91fd661ae1a89b75a37fffa69\"\u003e\u003ccode\u003e063416d\u003c/code\u003e\u003c/a\u003e [\u003ccode\u003e@​xstate/store\u003c/code\u003e] Version 4 (\u003ca href=\"https://redirect.github.com/statelyai/xstate/issues/5512\"\u003e#5512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/statelyai/xstate/commit/d7fb9c6b4ce8ffc4f8ad33c10b656c7f7c0d78e7\"\u003e\u003ccode\u003ed7fb9c6\u003c/code\u003e\u003c/a\u003e Harden CI configs (\u003ca href=\"https://redirect.github.com/statelyai/xstate/issues/5527\"\u003e#5527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/statelyai/xstate/compare/xstate@5.31.1...xstate@5.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/query-core` from 5.100.14 to 5.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/query-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/query-core/CHANGELOG.md\"\u003e@​tanstack/query-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.101.0\u003c/h2\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a\"\u003e\u003ccode\u003ef3d8d2a\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/query-core/issues/10774\"\u003e#10774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324\"\u003e\u003ccode\u003e532bb29\u003c/code\u003e\u003c/a\u003e fix(tests): disable local coverage instrumentation (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/query-core/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/query-core@5.101.0/packages/query-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/estree` from 1.0.8 to 1.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/estree\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `baseline-browser-mapping` from 2.10.32 to 2.10.33\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/releases\"\u003ebaseline-browser-mapping's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.3 - remove \u003ccode\u003eprocess.loadEnvFile()\u003c/code\u003e\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process.loadEnfFile() from main script by \u003ca href=\"https://github.com/tonypconway\"\u003e\u003ccode\u003e@​tonypconway\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/web-platform-dx/baseline-browser-mapping/pull/112\"\u003eweb-platform-dx/baseline-browser-mapping#112\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/compare/v2.9.2...v2.9.3\"\u003ehttps://github.com/web-platform-dx/baseline-browser-mapping/compare/v2.9.2...v2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/commit/2ed6553b7c98b432110f5f2e884fc0649b28ee7e\"\u003e\u003ccode\u003e2ed6553\u003c/code\u003e\u003c/a\u003e Patch to 2.10.33 because browser or feature data changed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/commit/260b8c7073a31ba718133afba1f3f0ff31f34e76\"\u003e\u003ccode\u003e260b8c7\u003c/code\u003e\u003c/a\u003e Browser or feature data changed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/commit/f22daa7705ea2d9f3636b1a0f9650bee84c7b2a6\"\u003e\u003ccode\u003ef22daa7\u003c/code\u003e\u003c/a\u003e Updating static site\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/compare/v2.10.32...v2.10.33\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cluster-key-slot` from 1.1.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/Salakar/cluster-key-slot/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hasown` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/inspect-js/hasOwn/blob/main/CHANGELOG.md\"\u003ehasown's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/compare/v2.0.3...v2.0.4\"\u003ev2.0.4\u003c/a\u003e - 2026-05-28\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[types] drop the dead key-narrowing overload \u003ca href=\"https://github.com/inspect-js/hasOwn/commit/fdab00e2703e65411424e19bf86a7e72a8f10da9\"\u003e\u003ccode\u003efdab00e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/inspect-js/hasOwn/commit/91f624768dd0f7db0d019b89d4d86bd66e20ec30\"\u003e\u003ccode\u003e91f6247\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/commit/97f3a857d30d06e4081626ea6e5e3c00023627ff\"\u003e\u003ccode\u003e97f3a85\u003c/code\u003e\u003c/a\u003e v2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/commit/fdab00e2703e65411424e19bf86a7e72a8f10da9\"\u003e\u003ccode\u003efdab00e\u003c/code\u003e\u003c/a\u003e [types] drop the dead key-narrowing overload\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/commit/91f624768dd0f7db0d019b89d4d86bd66e20ec30\"\u003e\u003ccode\u003e91f6247\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/inspect-js/hasOwn/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.2.0] - 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003edocs/safety.md\u003c/code\u003e with notes about processing untrusted YAML.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxDepth\u003c/code\u003e (100) loader option. Not a problem, but gives a better\nexception instead of RangeError on stack overflow.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxMergeSeqLength\u003c/code\u003e (20) loader option. Not a problem after \u003ccode\u003emerge\u003c/code\u003e fix,\nbut an additional restriction for safety.\u003c/li\u003e\n\u003cli\u003eAdded sourcemaps to \u003ccode\u003edist/\u003c/code\u003e builds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStop resolving numbers with underscores as numeric scalars, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/627\"\u003e#627\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eSwitched dev toolchains to Vite / neostandard.\u003c/li\u003e\n\u003cli\u003eUpdated demo.\u003c/li\u003e\n\u003cli\u003eReorganized tests.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edist/\u003c/code\u003e files are no longer kept in the repository.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix parsing of properties on the first implicit block mapping key, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/62\"\u003e#62\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix trailing whitespace handling when folding flow scalar lines, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReject top-level block scalars without content indentation, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/280\"\u003e#280\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsure numbers survive round-trip, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/737\"\u003e#737\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix test coverage for issue \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/221\"\u003e#221\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix flow scalar trailing whitespace folding, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix digits in YAML named tag handles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential DoS via quadratic complexity in merge - deduplicate repeated\nelements (makes sense for malformed files \u0026gt; 10K).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.7.2 to 0.7.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(google-adk): add wrapt dependency by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2436\"\u003elangchain-ai/langsmith-sdk#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: lock dependencies by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2439\"\u003elangchain-ai/langsmith-sdk#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.4 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2441\"\u003elangchain-ai/langsmith-sdk#2441\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1132e6ce6391d08158a93acb5c96b90521ac3230\"\u003e\u003ccode\u003e1132e6c\u003c/code\u003e\u003c/a\u003e release(py): 0.7.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2441\"\u003e#2441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8c7cc783806e4a6d71300982d58ecb3c9bc658cd\"\u003e\u003ccode\u003e8c7cc78\u003c/code\u003e\u003c/a\u003e chore: lock dependencies (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2439\"\u003e#2439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/62c256ea56fdee0bc539275c749a427e510ded8f\"\u003e\u003ccode\u003e62c256e\u003c/code\u003e\u003c/a\u003e fix(google-adk): add wrapt dependency (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2436\"\u003e#2436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/e32d4c18a681553f47c93350f03dc0a0f0cc4890\"\u003e\u003ccode\u003ee32d4c1\u003c/code\u003e\u003c/a\u003e release(py): 0.7.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2428\"\u003e#2428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1c51bf881dafaeb01432db629de7cafaabca79dc\"\u003e\u003ccode\u003e1c51bf8\u003c/code\u003e\u003c/a\u003e chore(python): openai agents: delay span start for spans without inputs on st...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/a41bf22dadaea489a156dc06a9d0fbf1a977ff6d\"\u003e\u003ccode\u003ea41bf22\u003c/code\u003e\u003c/a\u003e fix: propagate tracingEnabled to nested traceables (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2427\"\u003e#2427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `msgpackr` from 2.0.1 to 2.0.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kriszyp/msgpackr/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `property-information` from 7.1.0 to 7.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wooorm/property-information/releases\"\u003eproperty-information's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.0\u003c/h2\u003e\n\u003ch4\u003eAdd\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ecb86e8b Add new properties\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e992bfbc Add \u003ccode\u003enumber\u003c/code\u003e for \u003ccode\u003ecolSpan\u003c/code\u003e\nby \u003ca href=\"https://github.com/johanrd\"\u003e\u003ccode\u003e@​johanrd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/wooorm/property-information/pull/26\"\u003ewooorm/property-information#26\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/wooorm/property-information/compare/7.1.0...7.2.0\"\u003ehttps://github.com/wooorm/property-information/compare/7.1.0...7.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/f6f547b1ab52429dba18dcee19fd1ef4c1212b78\"\u003e\u003ccode\u003ef6f547b\u003c/code\u003e\u003c/a\u003e 7.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/992bfbcb8429c7df18ea112dc709d8f68391d459\"\u003e\u003ccode\u003e992bfbc\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003enumber\u003c/code\u003e for \u003ccode\u003ecolSpan\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/08391519b27e6dd90fe930247c248f1fc4e6f380\"\u003e\u003ccode\u003e0839151\u003c/code\u003e\u003c/a\u003e Update dev-dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/cb86e8b0fd8c548dddae250ce4840555c8b8e0bf\"\u003e\u003ccode\u003ecb86e8b\u003c/code\u003e\u003c/a\u003e Add new properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/83ece0950e1f641eb30648031d743d5995d8b519\"\u003e\u003ccode\u003e83ece09\u003c/code\u003e\u003c/a\u003e Update actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/930b589686345c2ce28d82073fd67e6aee861471\"\u003e\u003ccode\u003e930b589\u003c/code\u003e\u003c/a\u003e Add missing JSDoc description\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/a2822cf193374df7057c62c8fa3a18f9917be9d9\"\u003e\u003ccode\u003ea2822cf\u003c/code\u003e\u003c/a\u003e Update dev-dependencies\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/wooorm/property-information/compare/7.1.0...7.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shiki` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/shikijs/shiki/releases\"\u003eshiki's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e@​shikijs/stream\u003c/code\u003e and \u003ccode\u003e@​shikijs/magic-move\u003c/code\u003e packages  -  by \u003ca href=\"https://github.com/antfu\"\u003e\u003ccode\u003e@​antfu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/shikijs/shiki/issues/1283\"\u003eshikijs/shiki#1283\u003c/a\u003e \u003ca href=\"https://github.com/shikijs/shiki/commit/d031f9b6\"\u003e\u003c!-- raw HTML omitted --\u003e(d031f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etransformers\u003c/strong\u003e: Handle YAML comment prefixes correctly for v3  -  by \u003ca href=\"https://github.com/AkaHarshit\"\u003e\u003ccode\u003e@​AkaHarshit\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/shikijs/shiki/issues/1266\"\u003eshikijs/shiki#1266\u003c/a\u003e \u003ca href=\"https://github.com/shikijs/shiki/commit/f694a725\"\u003e\u003c!-- raw HTML omitted --\u003e(f694a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evitepress-twoslash\u003c/strong\u003e: Scroll blocking on mobile viewports  -  by \u003ca href=\"https://github.com/micaiguai\"\u003e\u003ccode\u003e@​micaiguai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/shikijs/shiki/issues/1262\"\u003eshikijs/shiki#1262\u003c/a\u003e \u003ca href=\"https://github.com/shikijs/shiki/commit/9e0e89c8\"\u003e\u003c!-- raw HTML omitted --\u003e(9e0e8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/shikijs/shiki/compare/v4.1.0...v4.2.0\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/shikijs/shiki/commit/1d56dae84801bad3a48dc7104437fbc21819ee4c\"\u003e\u003ccode\u003e1d56dae\u003c/code\u003e\u003c/a\u003e chore: release v4.2.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tinyglobby` from 0.2.16 to 0.2.17\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/releases\"\u003etinyglobby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.2.17\u003c/h2\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled staged publishing for stronger supply-chain security\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaults when \u003ccode\u003eundefined\u003c/code\u003e is passed to any of the options by \u003ca href=\"https://github.com/chloeelim\"\u003e\u003ccode\u003e@​chloeelim\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrive-relative paths on Windows by \u003ca href=\"https://github.com/Andrej730\"\u003e\u003ccode\u003e@​Andrej730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFileSystemAdapter\u003c/code\u003e is now exported again\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eConsider \u003ca href=\"https://github.com/sponsors/SuperchupuDev\"\u003esponsoring\u003c/a\u003e if you'd like to support the development of this project and the goal of reaching a lighter and faster ecosystem\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/blob/main/CHANGELOG.md\"\u003etinyglobby's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/compare/0.2.16...0.2.17\"\u003e0.2.17\u003c/a\u003e\u003c/h3\u003e\n\u003ch4\u003eChanged\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled staged publishing for stronger supply-chain security\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDefaults when \u003ccode\u003eundefined\u003c/code\u003e is passed to any of the options by \u003ca href=\"https://github.com/chloeelim\"\u003echloeelim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrive-relative paths on Windows by \u003ca href=\"https://github.com/Andrej730\"\u003eAndrej730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFileSystemAdapter\u003c/code\u003e is now exported again\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/f80cb8448dc5058f38bc25642375c1934112c7ba\"\u003e\u003ccode\u003ef80cb84\u003c/code\u003e\u003c/a\u003e release 0.2.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/d5d1ce34aa59ce6a3e8271236c109fbeb50bac27\"\u003e\u003ccode\u003ed5d1ce3\u003c/code\u003e\u003c/a\u003e enable staged publishes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/ec39d486d02eb799d86bda52e5d33618adff28f3\"\u003e\u003ccode\u003eec39d48\u003c/code\u003e\u003c/a\u003e Update all non-major dependencies (\u003ca href=\"https://redirect.github.com/SuperchupuDev/tinyglobby/issues/204\"\u003e#204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/d618ed47f84e7c01a0cf2d7dae72ad053f6524dc\"\u003e\u003ccode\u003ed618ed4\u003c/code\u003e\u003c/a\u003e improve benchmark infra\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/dd10cb2d3f076c5fb53333835c9a1643d22d62a9\"\u003e\u003ccode\u003edd10cb2\u003c/code\u003e\u003c/a\u003e disable cache in publish workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/749694d90ff3b21e746d5ada1ed5ad4790db6a6d\"\u003e\u003ccode\u003e749694d\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eminimumReleaseAge\u003c/code\u003e in renovate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/937a0c79ad6d58f6e12f1b96de8f8f80daf9ed98\"\u003e\u003ccode\u003e937a0c7\u003c/code\u003e\u003c/a\u003e remove \u003ccode\u003e.vscode\u003c/code\u003e folder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/298769ae536876db3eed1bc75f2515f5348e36d4\"\u003e\u003ccode\u003e298769a\u003c/code\u003e\u003c/a\u003e fix alt text in readme (\u003ca href=\"https://redirect.github.com/SuperchupuDev/tinyglobby/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/8927f0a2fef3a6ea13da7fbc1b20041b92574bfc\"\u003e\u003ccode\u003e8927f0a\u003c/code\u003e\u003c/a\u003e run ci on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/e8519ee10a0c8df836d1076f9f0a80763b7ae07b\"\u003e\u003ccode\u003ee8519ee\u003c/code\u003e\u003c/a\u003e Update all non-major dependencies (\u003ca href=\"https://redirect.github.com/SuperchupuDev/tinyglobby/issues/195\"\u003e#195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/compare/0.2.16...0.2.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 8.0.14 to 8.0.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.16\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.16/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.15/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.15...v8.0.16\"\u003e8.0.16\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e50b9512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003edc245c7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.14...v8.0.15\"\u003e8.0.15\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esend 408 on request timeout (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22476\"\u003e#22476\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c85c9eeb9aaf41f477b48b057146887bd5620797\"\u003ec85c9ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.3 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22538\"\u003e#22538\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e646dbed\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecapitalize error messages and remove spurious space in parse error (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22488\"\u003e#22488\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e85a0eff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22511\"\u003e#22511\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e2686d7d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e fix html-proxy cache key mismatch for /@fs/ HTML paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21762\"\u003e#21762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/47c4213f134f562c41ed7c031e4788510cf7e31e\"\u003e47c4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eglob:\u003c/strong\u003e error on relative glob in virtual module when no files match (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22497\"\u003e#22497\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5c8e98f8b584ac5d42f0f9b8580c49792213b13c\"\u003e5c8e98f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoptimizer:\u003c/strong\u003e close the rolldown bundle when write() rejects (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22528\"\u003e#22528\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003ee3cfb9d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eresolve:\u003c/strong\u003e provide onWarn for viteResolvePlugin in JS plugin containers (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22509\"\u003e#22509\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/40985f1c09b7696e594e6c5695fbc315d2da2c83\"\u003e40985f1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22566\"\u003e#22566\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e3052a67\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecorrect logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22562\"\u003e#22562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e6978a9c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f94df87ff03b40b65e29bacdc04cc18c7bccaa4a\"\u003e\u003ccode\u003ef94df87\u003c/code\u003e\u003c/a\u003e release: v8.0.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003e\u003ccode\u003edc245c7\u003c/code\u003e\u003c/a\u003e fix: reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e\u003ccode\u003e50b9512\u003c/code\u003e\u003c/a\u003e fix(deps): reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8d1b0195fd186d0b3297d7cd17acff6c96797420\"\u003e\u003ccode\u003e8d1b019\u003c/code\u003e\u003c/a\u003e release: v8.0.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e\u003ccode\u003e2686d7d\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22511\"\u003e#22511\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e\u003ccode\u003e3052a67\u003c/code\u003e\u003c/a\u003e chore(deps): update rolldown-related dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22566\"\u003e#22566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003e\u003ccode\u003ee3cfb9d\u003c/code\u003e\u003c/a\u003e fix(optimizer): close the rolldown bundle when write() rejects (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22528\"\u003e#22528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e\u003ccode\u003e6978a9c\u003c/code\u003e\u003c/a\u003e refactor: correct logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22562\"\u003e#22562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e\u003ccode\u003e646dbed\u003c/code\u003e\u003c/a\u003e feat: update rolldown to 1.0.3 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22538\"\u003e#22538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e\u003ccode\u003e85a0eff\u003c/code\u003e\u003c/a\u003e fix: capitalize error messages and remove spurious space in parse error (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22488\"\u003e#22488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v8.0.16/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/shchilkin/PopChoice/pull/679","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/shchilkin%2FPopChoice/issues/679","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/679/packages"},{"uuid":"4576664740","node_id":"PR_kwDOLCxMKc7iDhg7","number":2476,"state":"open","title":"chore(deps): bump the langchain group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-03T03:37:59.000Z","updated_at":"2026-06-03T19:58:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"langchain","update_count":8,"packages":[{"name":"@langchain/anthropic","old_version":"1.3.28","new_version":"1.4.0","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/core","old_version":"1.1.44","new_version":"1.1.48","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langchain","old_version":"1.4.0-dev-1777615538778","new_version":"1.4.4","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/openai","old_version":"1.4.5","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/groq","old_version":"1.2.0","new_version":"1.2.1","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/mistralai","old_version":"1.0.8","new_version":"1.1.0","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/classic","old_version":"1.0.32","new_version":"1.0.34","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langsmith","old_version":"0.6.0","new_version":"0.7.4","repository_url":"https://github.com/langchain-ai/langsmith-sdk"}],"path":null,"ecosystem":"npm"},"body":"Bumps the langchain group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@langchain/anthropic](https://github.com/langchain-ai/langchainjs) | `1.3.28` | `1.4.0` |\n| [@langchain/core](https://github.com/langchain-ai/langchainjs) | `1.1.44` | `1.1.48` |\n| [langchain](https://github.com/langchain-ai/langchainjs) | `1.4.0-dev-1777615538778` | `1.4.4` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.4.5` | `1.4.7` |\n| [@langchain/groq](https://github.com/langchain-ai/langchainjs) | `1.2.0` | `1.2.1` |\n| [@langchain/mistralai](https://github.com/langchain-ai/langchainjs) | `1.0.8` | `1.1.0` |\n| [@langchain/classic](https://github.com/langchain-ai/langchainjs) | `1.0.32` | `1.0.34` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.6.0` | `0.7.4` |\n\n\nUpdates `@langchain/anthropic` from 1.3.28 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/anthropic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10777\"\u003e#10777\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/0cfcfc66897d8fafeb7e7ed90b7299eace9a7c37\"\u003e\u003ccode\u003e0cfcfc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jonaslalin\"\u003e\u003ccode\u003e@​jonaslalin\u003c/code\u003e\u003c/a\u003e! - feat(anthropic): support strict tool calling for custom tools\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/anthropic@1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/core` from 1.1.44 to 1.1.48\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.48\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10832\"\u003e#10832\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b24369a970ad6f56f1f428027f48601f87e62eb\"\u003e\u003ccode\u003e1b24369\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/info-arnav\"\u003e\u003ccode\u003e@​info-arnav\u003c/code\u003e\u003c/a\u003e! - fix(core, openrouter): make CJS default re-exports callable\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10666\"\u003e#10666\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2bb55b053f49f89e81e3252a7af08e86d71ddd95\"\u003e\u003ccode\u003e2bb55b0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hnustwjj\"\u003e\u003ccode\u003e@​hnustwjj\u003c/code\u003e\u003c/a\u003e! - feat(openrouter): surface reasoning content as v1 standard content blocks\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econvertOpenRouterResponseToBaseMessage\u003c/code\u003e and\n\u003ccode\u003econvertOpenRouterDeltaToBaseMessageChunk\u003c/code\u003e now copy OpenRouter's\n\u003ccode\u003ereasoning\u003c/code\u003e (flat string) and \u003ccode\u003ereasoning_details\u003c/code\u003e (structured array) fields\nonto \u003ccode\u003eadditional_kwargs.reasoning_content\u003c/code\u003e / \u003ccode\u003eadditional_kwargs.reasoning_details\u003c/code\u003e.\nA new \u003ccode\u003eChatOpenRouterTranslator\u003c/code\u003e is registered in \u003ccode\u003e@langchain/core\u003c/code\u003e under\nthe \u003ccode\u003e\u0026quot;openrouter\u0026quot;\u003c/code\u003e provider key so \u003ccode\u003eAIMessage.contentBlocks\u003c/code\u003e emits standard\n\u003ccode\u003e{type: \u0026quot;reasoning\u0026quot;}\u003c/code\u003e blocks alongside text and tool calls.\u003c/p\u003e\n\u003cp\u003ePreviously, reasoning text returned by reasoning-capable models routed\nthrough OpenRouter (DeepSeek R1, Minimax M2, Claude extended thinking,\no-series, etc.) was silently dropped: only the \u003ccode\u003ereasoning_tokens\u003c/code\u003e count\nwas preserved via \u003ccode\u003eusage_metadata\u003c/code\u003e. Consumers using standard content blocks\n(including the frontend agent UI patterns shown in the docs) could not\ndisplay the model's chain of thought.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10918\"\u003e#10918\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): stream custom tool calls through Responses API chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.47\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10906\"\u003e#10906\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f61b3450f275831e47e69c08899b4a2b67b4bdb3\"\u003e\u003ccode\u003ef61b345\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - feat(core): add uuid v6 utility support\u003c/p\u003e\n\u003cp\u003eAdd \u003ccode\u003ev6\u003c/code\u003e UUID generation support to \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e by vendoring the upstream uuidjs \u003ccode\u003ev6\u003c/code\u003e implementation and its \u003ccode\u003ev1ToV6\u003c/code\u003e helper, exporting \u003ccode\u003ev6\u003c/code\u003e from the UUID utils index, and adding tests for deterministic generation, buffer/offset behavior, validation/versioning, and ordering.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10792\"\u003e#10792\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3682268cd1844b2573b01f07bee367e21cb7bdc7\"\u003e\u003ccode\u003e3682268\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): apply v1 message casting after implicit streaming aggregation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10901\"\u003e#10901\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(testing): share fakeModel invocation state across bindTools instances\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.46\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10847\"\u003e#10847\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1659e7d36e31e315c890fa98f43db887f7a2d52b\"\u003e\u003ccode\u003e1659e7d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(core): reduce transitive dependency exposure and tighten release hygiene\u003c/p\u003e\n\u003cp\u003eRemove direct runtime dependencies on \u003ccode\u003eansi-styles\u003c/code\u003e, \u003ccode\u003ecamelcase\u003c/code\u003e, and \u003ccode\u003edecamelize\u003c/code\u003e\nby inlining equivalent logic in core internals, and enable npm provenance in the\nrelease workflow.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10790\"\u003e#10790\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/ef78bc6a21f9a8808ba95c98db2023f0a6b51bcc\"\u003e\u003ccode\u003eef78bc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): keep different content block types separate when merging chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/core@1.1.48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langchain` from 1.4.0-dev-1777615538778 to 1.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003elangchain's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003elangchain@1.4.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10900\"\u003e#10900\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/6bbddca1f8f7f280583fd839bb40c00bf19a0d51\"\u003e\u003ccode\u003e6bbddca\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(langchain): unwrap tool message outputs in agent streams\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10706\"\u003e#10706\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/4ecb6606feae3156a07de67e39e2027f857c476e\"\u003e\u003ccode\u003e4ecb660\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/JadenKim-dev\"\u003e\u003ccode\u003e@​JadenKim-dev\u003c/code\u003e\u003c/a\u003e! - fix(langchain): set name on todoListMiddleware ToolMessages\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003elangchain@1.4.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10879\"\u003e#10879\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/eb480cb6df8e0fa792826155bfa00a6db4536444\"\u003e\u003ccode\u003eeb480cb\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/vignesh-gep\"\u003e\u003ccode\u003e@​vignesh-gep\u003c/code\u003e\u003c/a\u003e! - fix(langchain/createAgent): throw on terminal \u003ccode\u003eproviderStrategy\u003c/code\u003e parse failure instead of silently resolving with \u003ccode\u003estructuredResponse: undefined\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eWhen \u003ccode\u003ecreateAgent\u003c/code\u003e was configured with \u003ccode\u003eresponseFormat\u003c/code\u003e resolving to a \u003ccode\u003eproviderStrategy\u003c/code\u003e (either passed explicitly or auto-promoted from a bare Zod / JSON schema for models whose profile reports \u003ccode\u003estructuredOutput: true\u003c/code\u003e), and the model produced a terminal response (no \u003ccode\u003etool_calls\u003c/code\u003e) whose text could not be JSON-parsed or did not satisfy the schema, the agent silently exited with no \u003ccode\u003estructuredResponse\u003c/code\u003e, surfacing later as \u003ccode\u003eTypeError: Cannot read properties of undefined\u003c/code\u003e. The agent now throws a \u003ccode\u003eStructuredOutputParsingError\u003c/code\u003e in that case while still allowing the agent loop to continue when tool calls are present. Closes \u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10878\"\u003e#10878\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10160\"\u003e#10160\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/bba900c7c8781c7efec856d5d3e539a93f14e797\"\u003e\u003ccode\u003ebba900c\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/JadenKim-dev\"\u003e\u003ccode\u003e@​JadenKim-dev\u003c/code\u003e\u003c/a\u003e! - fix(langchain): prevent llmToolSelectorMiddleware from leaking into message stream\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/openai@1.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/openai` from 1.4.5 to 1.4.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10918\"\u003e#10918\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): stream custom tool calls through Responses API chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10791\"\u003e#10791\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/fce9ab418901323618fdfaaa9fc350fa1c0d50e0\"\u003e\u003ccode\u003efce9ab4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(openai): preserve top-level Responses API ids on AI messages\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10902\"\u003e#10902\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): preserve v1 assistant tool calls\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10895\"\u003e#10895\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/36fb0ef1dc76c096dcfa0c777e10c9f9365a5240\"\u003e\u003ccode\u003e36fb0ef\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/BertBR\"\u003e\u003ccode\u003e@​BertBR\u003c/code\u003e\u003c/a\u003e! - fix(openai): guard bare \u003ccode\u003eJSON.parse\u003c/code\u003e in Responses API converter against trailing non-whitespace characters\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econvertResponsesDeltaToChatGenerationChunk\u003c/code\u003e previously called \u003ccode\u003eJSON.parse(msg.text)\u003c/code\u003e directly when \u003ccode\u003eresponse.text.format.type === \u0026quot;json_schema\u0026quot;\u003c/code\u003e. Some models (observed with \u003ccode\u003egpt-5-mini\u003c/code\u003e on \u003ccode\u003eservice_tier: \u0026quot;auto\u0026quot;\u003c/code\u003e) intermittently emit trailing non-whitespace characters (extra tokens, control characters) after a valid JSON object, causing a \u003ccode\u003eSyntaxError\u003c/code\u003e that propagates as an unhandled exception and kills the entire streaming response mid-flight. The parse is now wrapped in a \u003ccode\u003etry\u003c/code\u003e/\u003ccode\u003ecatch\u003c/code\u003e: on failure, \u003ccode\u003eadditional_kwargs.parsed\u003c/code\u003e is left undefined, the stream completes normally, and the existing \u003ccode\u003ewithStructuredOutput\u003c/code\u003e pipeline handles the typed failure — \u003ccode\u003eincludeRaw: true\u003c/code\u003e returns \u003ccode\u003e{ raw, parsed: null }\u003c/code\u003e via its \u003ccode\u003ewithFallbacks\u003c/code\u003e wrapper, \u003ccode\u003eincludeRaw: false\u003c/code\u003e throws a typed \u003ccode\u003eOutputParserException\u003c/code\u003e that the caller can catch and retry. Closes \u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10894\"\u003e#10894\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/openai@1.4.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/groq` from 1.2.0 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/groq's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/groq\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b19e4f84d747b481879363b4884c20eb1c0f1a4\"\u003e\u003ccode\u003e1b19e4f\u003c/code\u003e\u003c/a\u003e chore: version packages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/426e3aba21016d9ee070c3d130f74ae0047c9ce5\"\u003e\u003ccode\u003e426e3ab\u003c/code\u003e\u003c/a\u003e chore: fix uuid changeset (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10916\"\u003e#10916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/245c98216ce4a6c4340954711a7ad60203283424\"\u003e\u003ccode\u003e245c982\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10914\"\u003e#10914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/126dac5a7a2fac5978448185893038ac8ea6d994\"\u003e\u003ccode\u003e126dac5\u003c/code\u003e\u003c/a\u003e chore(deps): bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10912\"\u003e#10912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1abe24becdddce94c5bd2acfaf920b60a683f22b\"\u003e\u003ccode\u003e1abe24b\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10913\"\u003e#10913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e fix(openai): preserve v1 assistant tool calls (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10902\"\u003e#10902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e fix(core): share fakeModel invocation state across bindTools instances (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10901\"\u003e#10901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a0cd7477e59677c8d15e0e70b374afa0a2410582\"\u003e\u003ccode\u003ea0cd747\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.1.9 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10910\"\u003e#10910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b208e625865fc7487876b652f479dbf854263e68\"\u003e\u003ccode\u003eb208e62\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10909\"\u003e#10909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f7e50fb8b98bd9969c0f5cf0967a06df15453453\"\u003e\u003ccode\u003ef7e50fb\u003c/code\u003e\u003c/a\u003e feat(google): Service tier and custom headers (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10704\"\u003e#10704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/groq@1.2.0...@langchain/groq@1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/mistralai` from 1.0.8 to 1.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/mistralai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/mistralai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10873\"\u003e#10873\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a74d574f7f086bea2f5c7a852e869f7d24be2f55\"\u003e\u003ccode\u003ea74d574\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/baptistejamin\"\u003e\u003ccode\u003e@​baptistejamin\u003c/code\u003e\u003c/a\u003e! - chore(mistralai): upgrade to \u003ccode\u003e@​mistralai/mistralai\u003c/code\u003e v2\u003c/p\u003e\n\u003cp\u003eAlso populates \u003ccode\u003eresponse_metadata.model\u003c/code\u003e on chat completions (was missing before).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/caad0914f068477293009dbf27a220fa96bdc4b8\"\u003e\u003ccode\u003ecaad091\u003c/code\u003e\u003c/a\u003e chore: version packages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10919\"\u003e#10919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f4a6149e3e754203f5886dd8c2bccaa7a6fd4f81\"\u003e\u003ccode\u003ef4a6149\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10926\"\u003e#10926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/7b12f6dfa537932073f96b561d7c851b30d69132\"\u003e\u003ccode\u003e7b12f6d\u003c/code\u003e\u003c/a\u003e chore(deps): bump protobufjs from 7.5.6 to 7.6.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10930\"\u003e#10930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/5c6c5fef0cb392e782675ca5926e291a4295a653\"\u003e\u003ccode\u003e5c6c5fe\u003c/code\u003e\u003c/a\u003e chore(deps): bump ws from 5.2.4 to 8.20.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10915\"\u003e#10915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a8652ceeb5e36434565c96fc1a6bd9a4a36304cc\"\u003e\u003ccode\u003ea8652ce\u003c/code\u003e\u003c/a\u003e docs: fix typos, add Ollama setup, update outdated references (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10922\"\u003e#10922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2bb55b053f49f89e81e3252a7af08e86d71ddd95\"\u003e\u003ccode\u003e2bb55b0\u003c/code\u003e\u003c/a\u003e feat(openrouter): surface reasoning as v1 standard content blocks (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10666\"\u003e#10666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/4ecb6606feae3156a07de67e39e2027f857c476e\"\u003e\u003ccode\u003e4ecb660\u003c/code\u003e\u003c/a\u003e fix(langchain): set name on todoListMiddleware ToolMessages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10706\"\u003e#10706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/20f27dff08a4bd5a1a16c1c71a88405c9df82914\"\u003e\u003ccode\u003e20f27df\u003c/code\u003e\u003c/a\u003e fix(ibm): handle API errors in streaming responses (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10721\"\u003e#10721\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/45668734c3205e631cdd33ac071bbf733f4558c7\"\u003e\u003ccode\u003e4566873\u003c/code\u003e\u003c/a\u003e feat(ibm): add integration test to IBM implementation (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10732\"\u003e#10732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/6e4337fec1a7707c1a1c709a7b6aa0c5efb7b11d\"\u003e\u003ccode\u003e6e4337f\u003c/code\u003e\u003c/a\u003e fix(aws): add claude-haiku-4 to supportedToolChoiceValuesForModel (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10743\"\u003e#10743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/classic@1.0.8...@langchain/mistralai@1.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/classic` from 1.0.32 to 1.0.34\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/classic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/classic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.34\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/fce9ab418901323618fdfaaa9fc350fa1c0d50e0\"\u003e\u003ccode\u003efce9ab4\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.7\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/classic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.33\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/36fb0ef1dc76c096dcfa0c777e10c9f9365a5240\"\u003e\u003ccode\u003e36fb0ef\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/classic@1.0.34\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.6.0 to 0.7.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(google-adk): add wrapt dependency by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2436\"\u003elangchain-ai/langsmith-sdk#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: lock dependencies by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2439\"\u003elangchain-ai/langsmith-sdk#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.4 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2441\"\u003elangchain-ai/langsmith-sdk#2441\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1132e6ce6391d08158a93acb5c96b90521ac3230\"\u003e\u003ccode\u003e1132e6c\u003c/code\u003e\u003c/a\u003e release(py): 0.7.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2441\"\u003e#2441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8c7cc783806e4a6d71300982d58ecb3c9bc658cd\"\u003e\u003ccode\u003e8c7cc78\u003c/code\u003e\u003c/a\u003e chore: lock dependencies (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2439\"\u003e#2439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/62c256ea56fdee0bc539275c749a427e510ded8f\"\u003e\u003ccode\u003e62c256e\u003c/code\u003e\u003c/a\u003e fix(google-adk): add wrapt dependency (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2436\"\u003e#2436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/e32d4c18a681553f47c93350f03dc0a0f0cc4890\"\u003e\u003ccode\u003ee32d4c1\u003c/code\u003e\u003c/a\u003e release(py): 0.7.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2428\"\u003e#2428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1c51bf881dafaeb01432db629de7cafaabca79dc\"\u003e\u003ccode\u003e1c51bf8\u003c/code\u003e\u003c/a\u003e chore(python): openai agents: delay span start for spans without inputs on st...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/a41bf22dadaea489a156dc06a9d0fbf1a977ff6d\"\u003e\u003ccode\u003ea41bf22\u003c/code\u003e\u003c/a\u003e fix: propagate tracingEnabled to nested traceables (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2427\"\u003e#2427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3a6e9dac4bf3a940f7ee47e420cc1422f9f4a4b4\"\u003e\u003ccode\u003e3a6e9da\u003c/code\u003e\u003c/a\u003e release(py): 0.7.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/f665e865e7ab7a0ba1de447f2a1cf14c719af00a\"\u003e\u003ccode\u003ef665e86\u003c/code\u003e\u003c/a\u003e feat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2423\"\u003e#2423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/565c4a2c5769e698ecffbf7f43131ff9cc467f8d\"\u003e\u003ccode\u003e565c4a2\u003c/code\u003e\u003c/a\u003e feat(python): add feedback config CRUD and annotation queue rubric items (clo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/e1b1fe13c382371ebe4cffa1b95eba3bf74e2f37\"\u003e\u003ccode\u003ee1b1fe1\u003c/code\u003e\u003c/a\u003e release(js): 0.5.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2422\"\u003e#2422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.6.0...v0.7.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/langchain-ai/langgraphjs/pull/2476","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flanggraphjs/issues/2476","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2476/packages"},{"uuid":"4559372432","node_id":"PR_kwDONhlJ1c7hLHH1","number":240,"state":"closed","title":"feat(deps): Bump the npm_and_yarn group across 17 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-31T23:38:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-31T23:32:15.000Z","updated_at":"2026-05-31T23:38:50.000Z","time_to_close":393,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"feat(deps): Bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"astro","old_version":"3.5.0","new_version":"6.1.10","repository_url":"https://github.com/withastro/astro"},{"name":"next","old_version":"14.2.35","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"svelte","old_version":"3.59.2","new_version":"5.55.7","repository_url":"https://github.com/sveltejs/svelte"},{"name":"devalue","old_version":"4.3.3","new_version":"5.8.1"},{"name":"langsmith","old_version":"0.3.74","new_version":"0.3.87","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"astro","old_version":"3.5.0","new_version":"6.1.10","repository_url":"https://github.com/withastro/astro"},{"name":"astro","old_version":"3.5.0","new_version":"6.1.10","repository_url":"https://github.com/withastro/astro"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the / directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro), [next](https://github.com/vercel/next.js), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/astro-4 directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/astro-5 directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/astro-5-cf-workers directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-13 directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-14 directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-16-cacheComponents directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-16-trailing-slash directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-app-dir directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-orpc directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-pages-dir directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/supabase-nextjs directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/sveltekit-2 directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).\nBumps the npm_and_yarn group with 1 update in the /packages/astro directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /packages/nextjs directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /packages/svelte directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).\nBumps the npm_and_yarn group with 1 update in the /packages/sveltekit directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).\n\nUpdates `astro` from 3.5.0 to 6.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/releases\"\u003eastro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eastro@6.1.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16479\"\u003e#16479\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious \u003ccode\u003e[WARN] [content] Content config not loaded\u003c/code\u003e warning during \u003ccode\u003eastro dev\u003c/code\u003e for projects that don't use content collections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16457\"\u003e#16457\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16481\"\u003e#16481\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious 404 request for a dev toolbar sourcemap during \u003ccode\u003eastro dev\u003c/code\u003e caused by the browser mis-resolving a relative \u003ccode\u003esourceMappingURL\u003c/code\u003e from the \u003ccode\u003e/@id/\u003c/code\u003e URL prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16480\"\u003e#16480\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes an unnecessary full page reload on first navigation during dev\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16448\"\u003e#16448\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Updates vite, picomatch, and unstorage to latest patch versions\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16422\"\u003e#16422\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a3951d7873c7c210fedbaa77702bc33db6410715\"\u003e\u003ccode\u003ea3951d7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens \u003ccode\u003eastro-island\u003c/code\u003e export resolution and hydration error handling for malformed component metadata\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16420\"\u003e#16420\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/e21de1d03b318d5045dba718291c04fe05c01490\"\u003e\u003ccode\u003ee21de1d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16419\"\u003e#16419\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16022\"\u003e#16022\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a002540d60d4a840db9971e73c820a8015658ffe\"\u003e\u003ccode\u003ea002540\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/mathieumaf\"\u003e\u003ccode\u003e@​mathieumaf\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where i18n domains would return 404 when \u003ccode\u003etrailingSlash\u003c/code\u003e is set to \u003ccode\u003enever\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/internal-helpers\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.9.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/markdown-remark\u003c/code\u003e\u003ca href=\"https://github.com/7\"\u003e\u003ccode\u003e@​7\u003c/code\u003e\u003c/a\u003e.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16367\"\u003e#16367\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a6866a7ef086627f8f8237274361d8acc2f85121\"\u003e\u003ccode\u003ea6866a7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where build output files could contain special characters (\u003ccode\u003e!\u003c/code\u003e, \u003ccode\u003e~\u003c/code\u003e, \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e}\u003c/code\u003e) in their names, causing deploy failures on platforms like Netlify.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16381\"\u003e#16381\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/217c5b3b937f0aee7e59280e8a10cf2bd4237605\"\u003e\u003ccode\u003e217c5b3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16348\"\u003e#16348\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/7d26cd77bc1b33cee81f0e7b408dc2d170be1bdd\"\u003e\u003ccode\u003e7d26cd7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ocavue\"\u003e\u003ccode\u003e@​ocavue\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where \u003ccode\u003eallowedDomains\u003c/code\u003e weren't correctly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16379\"\u003e#16379\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5a845514114ae21ca9820e98b56cce33c0cf579b\"\u003e\u003ccode\u003e5a84551\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/martrapp\"\u003e\u003ccode\u003e@​martrapp\u003c/code\u003e\u003c/a\u003e! - Improves Vue scoped style handling in DEV mode during client router navigation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Adds tests to verify settings are properly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16282\"\u003e#16282\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5b0fdaa8ba3dc17f4b93d9847c3255150b0aeab2\"\u003e\u003ccode\u003e5b0fdaa\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jmurty\"\u003e\u003ccode\u003e@​jmurty\u003c/code\u003e\u003c/a\u003e! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/e0b240edea4db632138def3a9003b4b12e12f765\"\u003e\u003ccode\u003ee0b240e\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/telemetry\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.3.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v3.md\"\u003eastro's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9226\"\u003e#9226\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/8f8a40e93d6a0774ba84a6f5db8c42cd81db005e\"\u003e\u003ccode\u003e8f8a40e93\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/outofambit\"\u003e\u003ccode\u003e@​outofambit\u003c/code\u003e\u003c/a\u003e! - Fix i18n fallback routing with routing strategy of always-prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9179\"\u003e#9179\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3f28336d9a52d7e4364d455ee3128d14d10a078a\"\u003e\u003ccode\u003e3f28336d9\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/lilnasy\"\u003e\u003ccode\u003e@​lilnasy\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where the presence of a slot in a page led to an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9219\"\u003e#9219\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/067a65f5b4d163bf1944cf47e6bf891f0b93553f\"\u003e\u003ccode\u003e067a65f5b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/natemoo-re\"\u003e\u003ccode\u003e@​natemoo-re\u003c/code\u003e\u003c/a\u003e! - Fix edge case where \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e updates inside of \u003ccode\u003e.astro\u003c/code\u003e files would occasionally fail to update without reloading the page.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9236\"\u003e#9236\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/27d3e86e4c8d04101113ab7a53477f26a4fb0619\"\u003e\u003ccode\u003e27d3e86e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - The configuration \u003ccode\u003ei18n.routingStrategy\u003c/code\u003e has been replaced with an object called \u003ccode\u003erouting\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-always\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: true,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-other-locales\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: false,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9193\"\u003e#9193\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/0dc99c9a28fcb6b46db49eefac6afa415875edcb\"\u003e\u003ccode\u003e0dc99c9a2\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/florian-lefebvre\"\u003e\u003ccode\u003e@​florian-lefebvre\u003c/code\u003e\u003c/a\u003e! - Prevents the Code component from crashing if the lang isn't supported by falling back to \u003ccode\u003eplaintext\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9189\"\u003e#9189\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d90714fc3dd7c3eab0a6b29319b0b666bb04b678\"\u003e\u003ccode\u003ed90714fc3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/SpencerWhitehead7\"\u003e\u003ccode\u003e@​SpencerWhitehead7\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where links with the same pathname as the current page, but different search params, were not prefetched.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/c1f2e4f62adc1f2ba7b36f400f38fbab8862bc74\"\u003e\u003ccode\u003ec1f2e4f\u003c/code\u003e\u003c/a\u003e [ci] release (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16467\"\u003e#16467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/345fb9e370ddcd633c1043326e723ee43c89a3e4\"\u003e\u003ccode\u003e345fb9e\u003c/code\u003e\u003c/a\u003e chore: fix flaky dev toolbar render time test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16500\"\u003e#16500\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5120ecd4c337a7c59c4956ff8fd6bf327b4abce9\"\u003e\u003ccode\u003e5120ecd\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Add AEAD context binding to server island encryption (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16457\"\u003e#16457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Prebundle dev toolbar entrypoint in client environment (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16480\"\u003e#16480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/93101cce781585574d6b528bae05d5b6a02e63bd\"\u003e\u003ccode\u003e93101cc\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e fix: strip sourceMappingURL from dev toolbar entrypoint during dep optimizati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/bc8304121b79f5fdcfb400d6baea977840391134\"\u003e\u003ccode\u003ebc83041\u003c/code\u003e\u003c/a\u003e refactor(astro): migrate test utils to typescript (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16492\"\u003e#16492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5c543c595def9826acdd71c1cb88f08f8d63f1a5\"\u003e\u003ccode\u003e5c543c5\u003c/code\u003e\u003c/a\u003e refactor(astro): add internal entry points for test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16473\"\u003e#16473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Suppress content config warning for projects without content collections (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/withastro/astro/commits/astro@6.1.10/packages/astro\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for astro since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.35 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.35...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 3.59.2 to 5.55.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: allow \u003ccode\u003enull\u003c/code\u003e for \u003ccode\u003epending\u003c/code\u003e in typings (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18201\"\u003e#18201\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: flush eager effects in production (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18107\"\u003e#18107\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: rethrow error of failed iterable after calling \u003ccode\u003ereturn()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18169\"\u003e#18169\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: account for proxified instance when updating \u003ccode\u003ebind:this\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18147\"\u003e#18147\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ensure scheduled batch is flushed if not obsolete (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18131\"\u003e#18131\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: resolve stale deriveds with latest value (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18167\"\u003e#18167\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: remove unnecessary \u003ccode\u003eincrement_pending\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18183\"\u003e#18183\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: correctly compile component member expressions for SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18192\"\u003e#18192\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reset \u003ccode\u003esource.updated\u003c/code\u003e stack traces after \u003ccode\u003eflush\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18196\"\u003e#18196\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: replacing async 'blocking' strategy with 'merging' (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18205\"\u003e#18205\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: allow \u003ccode\u003e@debug\u003c/code\u003e tags to reference awaited variables (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18138\"\u003e#18138\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: re-run fallback props if dependencies update (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18146\"\u003e#18146\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: abort running obsolete async branches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18118\"\u003e#18118\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG-pre-5.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003esvelte\u003c/h1\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: improve a11y-click-events-have-key-events message (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9358\"\u003e#9358\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: more robust hydration of html tag (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9184\"\u003e#9184\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: support camelCase properties on custom elements (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9328\"\u003e#9328\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: add missing plaintext-only value to contenteditable type (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9242\"\u003e#9242\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: upgrade magic-string to 0.30.4 (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9292\"\u003e#9292\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ignore trailing comments when comparing nodes (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9197\"\u003e#9197\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: update style directive when style attribute is present and is updated via an object prop (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9187\"\u003e#9187\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: css sourcemap generation with unicode filenames (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9120\"\u003e#9120\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: do not add module declared variables as dependencies (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9122\"\u003e#9122\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: handle \u003ccode\u003esvelte:element\u003c/code\u003e with dynamic this and spread attributes (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9112\"\u003e#9112\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: silence false positive reactive component warning (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9094\"\u003e#9094\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: head duplication when binding is present (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9124\"\u003e#9124\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: take custom attribute name into account when reflecting property (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9140\"\u003e#9140\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: add \u003ccode\u003eindeterminate\u003c/code\u003e to the list of HTMLAttributes (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9180\"\u003e#9180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: recognize option value on spread attribute (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9125\"\u003e#9125\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: move \u003ccode\u003esvelteHTML\u003c/code\u003e from language-tools into core to load the correct \u003ccode\u003esvelte/element\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9070\"\u003e#9070\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/4d8f99a2709e3c02e48d8bc6c77458f4ba49d0e3\"\u003e\u003ccode\u003e4d8f99a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18220\"\u003e#18220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/05523088173e10af0753877af6936088de924833\"\u003e\u003ccode\u003e0552308\u003c/code\u003e\u003c/a\u003e chore: bump devalue (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18219\"\u003e#18219\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd9\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/55f9c85c09d625c3dd80c71ce7542f57386fafb4\"\u003e\u003ccode\u003e55f9c85\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18158\"\u003e#18158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a10e8e47a5946623a60a1e36b9023c23926eae87\"\u003e\u003ccode\u003ea10e8e4\u003c/code\u003e\u003c/a\u003e fix: keep dependencies of \u003ccode\u003e$state.eager\u003c/code\u003e/\u003ccode\u003epending\u003c/code\u003e (alternative approach) (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ef4b97dfabfd7a23b27933e18f7393587c343d66\"\u003e\u003ccode\u003eef4b97d\u003c/code\u003e\u003c/a\u003e fix: duplicated \u0026quot;of\u0026quot; in events.js comment (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18217\"\u003e#18217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/5122936edb3c14e9a602e579727479b49cbd3239\"\u003e\u003ccode\u003e5122936\u003c/code\u003e\u003c/a\u003e fix: treat batches as a linked list (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18205\"\u003e#18205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.55.7/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for svelte since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 4.3.3 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v4.3.3...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.3.74 to 0.3.87\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `astro` from 3.5.0 to 6.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/releases\"\u003eastro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eastro@6.1.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16479\"\u003e#16479\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious \u003ccode\u003e[WARN] [content] Content config not loaded\u003c/code\u003e warning during \u003ccode\u003eastro dev\u003c/code\u003e for projects that don't use content collections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16457\"\u003e#16457\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16481\"\u003e#16481\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious 404 request for a dev toolbar sourcemap during \u003ccode\u003eastro dev\u003c/code\u003e caused by the browser mis-resolving a relative \u003ccode\u003esourceMappingURL\u003c/code\u003e from the \u003ccode\u003e/@id/\u003c/code\u003e URL prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16480\"\u003e#16480\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes an unnecessary full page reload on first navigation during dev\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16448\"\u003e#16448\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Updates vite, picomatch, and unstorage to latest patch versions\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16422\"\u003e#16422\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a3951d7873c7c210fedbaa77702bc33db6410715\"\u003e\u003ccode\u003ea3951d7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens \u003ccode\u003eastro-island\u003c/code\u003e export resolution and hydration error handling for malformed component metadata\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16420\"\u003e#16420\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/e21de1d03b318d5045dba718291c04fe05c01490\"\u003e\u003ccode\u003ee21de1d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16419\"\u003e#16419\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16022\"\u003e#16022\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a002540d60d4a840db9971e73c820a8015658ffe\"\u003e\u003ccode\u003ea002540\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/mathieumaf\"\u003e\u003ccode\u003e@​mathieumaf\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where i18n domains would return 404 when \u003ccode\u003etrailingSlash\u003c/code\u003e is set to \u003ccode\u003enever\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/internal-helpers\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.9.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/markdown-remark\u003c/code\u003e\u003ca href=\"https://github.com/7\"\u003e\u003ccode\u003e@​7\u003c/code\u003e\u003c/a\u003e.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16367\"\u003e#16367\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a6866a7ef086627f8f8237274361d8acc2f85121\"\u003e\u003ccode\u003ea6866a7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where build output files could contain special characters (\u003ccode\u003e!\u003c/code\u003e, \u003ccode\u003e~\u003c/code\u003e, \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e}\u003c/code\u003e) in their names, causing deploy failures on platforms like Netlify.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16381\"\u003e#16381\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/217c5b3b937f0aee7e59280e8a10cf2bd4237605\"\u003e\u003ccode\u003e217c5b3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16348\"\u003e#16348\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/7d26cd77bc1b33cee81f0e7b408dc2d170be1bdd\"\u003e\u003ccode\u003e7d26cd7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ocavue\"\u003e\u003ccode\u003e@​ocavue\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where \u003ccode\u003eallowedDomains\u003c/code\u003e weren't correctly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16379\"\u003e#16379\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5a845514114ae21ca9820e98b56cce33c0cf579b\"\u003e\u003ccode\u003e5a84551\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/martrapp\"\u003e\u003ccode\u003e@​martrapp\u003c/code\u003e\u003c/a\u003e! - Improves Vue scoped style handling in DEV mode during client router navigation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Adds tests to verify settings are properly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16282\"\u003e#16282\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5b0fdaa8ba3dc17f4b93d9847c3255150b0aeab2\"\u003e\u003ccode\u003e5b0fdaa\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jmurty\"\u003e\u003ccode\u003e@​jmurty\u003c/code\u003e\u003c/a\u003e! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/e0b240edea4db632138def3a9003b4b12e12f765\"\u003e\u003ccode\u003ee0b240e\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/telemetry\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.3.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v3.md\"\u003eastro's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9226\"\u003e#9226\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/8f8a40e93d6a0774ba84a6f5db8c42cd81db005e\"\u003e\u003ccode\u003e8f8a40e93\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/outofambit\"\u003e\u003ccode\u003e@​outofambit\u003c/code\u003e\u003c/a\u003e! - Fix i18n fallback routing with routing strategy of always-prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9179\"\u003e#9179\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3f28336d9a52d7e4364d455ee3128d14d10a078a\"\u003e\u003ccode\u003e3f28336d9\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/lilnasy\"\u003e\u003ccode\u003e@​lilnasy\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where the presence of a slot in a page led to an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9219\"\u003e#9219\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/067a65f5b4d163bf1944cf47e6bf891f0b93553f\"\u003e\u003ccode\u003e067a65f5b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/natemoo-re\"\u003e\u003ccode\u003e@​natemoo-re\u003c/code\u003e\u003c/a\u003e! - Fix edge case where \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e updates inside of \u003ccode\u003e.astro\u003c/code\u003e files would occasionally fail to update without reloading the page.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9236\"\u003e#9236\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/27d3e86e4c8d04101113ab7a53477f26a4fb0619\"\u003e\u003ccode\u003e27d3e86e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - The configuration \u003ccode\u003ei18n.routingStrategy\u003c/code\u003e has been replaced with an object called \u003ccode\u003erouting\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-always\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: true,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-other-locales\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: false,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9193\"\u003e#9193\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/0dc99c9a28fcb6b46db49eefac6afa415875edcb\"\u003e\u003ccode\u003e0dc99c9a2\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/florian-lefebvre\"\u003e\u003ccode\u003e@​florian-lefebvre\u003c/code\u003e\u003c/a\u003e! - Prevents the Code component from crashing if the lang isn't supported by falling back to \u003ccode\u003eplaintext\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9189\"\u003e#9189\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d90714fc3dd7c3eab0a6b29319b0b666bb04b678\"\u003e\u003ccode\u003ed90714fc3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/SpencerWhitehead7\"\u003e\u003ccode\u003e@​SpencerWhitehead7\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where links with the same pathname as the current page, but different search params, were not prefetched.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/c1f2e4f62adc1f2ba7b36f400f38fbab8862bc74\"\u003e\u003ccode\u003ec1f2e4f\u003c/code\u003e\u003c/a\u003e [ci] release (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16467\"\u003e#16467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/345fb9e370ddcd633c1043326e723ee43c89a3e4\"\u003e\u003ccode\u003e345fb9e\u003c/code\u003e\u003c/a\u003e chore: fix flaky dev toolbar render time test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16500\"\u003e#16500\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5120ecd4c337a7c59c4956ff8fd6bf327b4abce9\"\u003e\u003ccode\u003e5120ecd\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Add AEAD context binding to server island encryption (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16457\"\u003e#16457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Prebundle dev toolbar entrypoint in client environment (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16480\"\u003e#16480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/93101cce781585574d6b528bae05d5b6a02e63bd\"\u003e\u003ccode\u003e93101cc\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e fix: strip sourceMappingURL from dev toolbar entrypoint during dep optimizati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/bc8304121b79f5fdcfb400d6baea977840391134\"\u003e\u003ccode\u003ebc83041\u003c/code\u003e\u003c/a\u003e refactor(astro): migrate test utils to typescript (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16492\"\u003e#16492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5c543c595def9826acdd71c1cb88f08f8d63f1a5\"\u003e\u003ccode\u003e5c543c5\u003c/code\u003e\u003c/a\u003e refactor(astro): add internal entry points for test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16473\"\u003e#16473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Suppress content config warning for projects without content collections (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/withastro/astro/commits/astro@6.1.10/packages/astro\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for astro since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `astro` from 3.5.0 to 6.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/releases\"\u003eastro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eastro@6.1.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16479\"\u003e#16479\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious \u003ccode\u003e[WARN] [content] Content config not loaded\u003c/code\u003e warning during \u003ccode\u003eastro dev\u003c/code\u003e for projects that don't use content collections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16457\"\u003e#16457\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16481\"\u003e#16481\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious 404 request for a dev toolbar sourcemap during \u003ccode\u003eastro dev\u003c/code\u003e caused by the browser mis-resolving a relative \u003ccode\u003esourceMappingURL\u003c/code\u003e from the \u003ccode\u003e/@id/\u003c/code\u003e URL prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16480\"\u003e#16480\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes an unnecessary full page reload on first navigation during dev\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16448\"\u003e#16448\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Updates vite, picomatch, and unstorage to latest patch versions\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16422\"\u003e#16422\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a3951d7873c7c210fedbaa77702bc33db6410715\"\u003e\u003ccode\u003ea3951d7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens \u003ccode\u003eastro-island\u003c/code\u003e export resolution and hydration error handling for malformed component metadata\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16420\"\u003e#16420\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/e21de1d03b318d5045dba718291c04fe05c01490\"\u003e\u003ccode\u003ee21de1d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16419\"\u003e#16419\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16022\"\u003e#16022\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a002540d60d4a840db9971e73c820a8015658ffe\"\u003e\u003ccode\u003ea002540\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/mathieumaf\"\u003e\u003ccode\u003e@​mathieumaf\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where i18n domains would return 404 when \u003ccode\u003etrailingSlash\u003c/code\u003e is set to \u003ccode\u003enever\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/internal-helpers\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.9.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/markdown-remark\u003c/code\u003e\u003ca href=\"https://github.com/7\"\u003e\u003ccode\u003e@​7\u003c/code\u003e\u003c/a\u003e.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16367\"\u003e#16367\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a6866a7ef086627f8f8237274361d8acc2f85121\"\u003e\u003ccode\u003ea6866a7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where build output files could contain special characters (\u003ccode\u003e!\u003c/code\u003e, \u003ccode\u003e~\u003c/code\u003e, \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e}\u003c/code\u003e) in their names, causing deploy failures on platforms like Netlify.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16381\"\u003e#16381\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/217c5b3b937f0aee7e59280e8a10cf2bd4237605\"\u003e\u003ccode\u003e217c5b3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16348\"\u003e#16348\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/7d26cd77bc1b33cee81f0e7b408dc2d170be1bdd\"\u003e\u003ccode\u003e7d26cd7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ocavue\"\u003e\u003ccode\u003e@​ocavue\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where \u003ccode\u003eallowedDomains\u003c/code\u003e weren't correctly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16379\"\u003e#16379\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5a845514114ae21ca9820e98b56cce33c0cf579b\"\u003e\u003ccode\u003e5a84551\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/martrapp\"\u003e\u003ccode\u003e@​martrapp\u003c/code\u003e\u003c/a\u003e! - Improves Vue scoped style handling in DEV mode during client router navigation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Adds tests to verify settings are properly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16282\"\u003e#16282\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5b0fdaa8ba3dc17f4b93d9847c3255150b0aeab2\"\u003e\u003ccode\u003e5b0fdaa\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jmurty\"\u003e\u003ccode\u003e@​jmurty\u003c/code\u003e\u003c/a\u003e! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/e0b240edea4db632138def3a9003b4b12e12f765\"\u003e\u003ccode\u003ee0b240e\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/telemetry\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.3.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v3.md\"\u003eastro's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9226\"\u003e#9226\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/8f8a40e93d6a0774ba84a6f5db8c42cd81db005e\"\u003e\u003ccode\u003e8f8a40e93\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/outofambit\"\u003e\u003ccode\u003e@​outofambit\u003c/code\u003e\u003c/a\u003e! - Fix i18n fallback routing with routing strategy of always-prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9179\"\u003e#9179\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3f28336d9a52d7e4364d455ee3128d14d10a078a\"\u003e\u003ccode\u003e3f28336d9\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/lilnasy\"\u003e\u003ccode\u003e@​lilnasy\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where the presence of a slot in a page led to an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9219\"\u003e#9219\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/067a65f5b4d163bf1944cf47e6bf891f0b93553f\"\u003e\u003ccode\u003e067a65f5b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/natemoo-re\"\u003e\u003ccode\u003e@​natemoo-re\u003c/code\u003e\u003c/a\u003e! - Fix edge case where \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e updates inside of \u003ccode\u003e.astro\u003c/code\u003e files would occasionally fail to update without reloading the page.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9236\"\u003e#9236\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/27d3e86e4c8d04101113ab7a53477f26a4fb0619\"\u003e\u003ccode\u003e27d3e86e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - The configuration \u003ccode\u003ei18n.routingStrategy\u003c/code\u003e has been replaced with an object called \u003ccode\u003erouting\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-always\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: true,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-other-locales\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: false,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9193\"\u003e#9193\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/0dc99c9a28fcb6b46db49eefac6afa415875edcb\"\u003e\u003ccode\u003e0dc9...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/sentry-javascript/pull/240","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fsentry-javascript/issues/240","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/240/packages"},{"uuid":"4543879791","node_id":"PR_kwDORrxkis7gaOYR","number":19,"state":"open","title":"Bump the npm_and_yarn group across 10 directories with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T21:15:45.000Z","updated_at":"2026-05-28T21:17:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":3,"packages":[{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"qs","old_version":"6.14.1","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.7.3","repository_url":"https://github.com/langchain-ai/langsmith-sdk"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /built-in-ai-extension directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /built-in-ai-task-apis-polyfills directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /evals-course/evals-service directory: [protobufjs](https://github.com/protobufjs/protobuf.js) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /firebase-ai-logic directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /gemini-node-sse directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /prompt-api-playground directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /prompt-api-polyfill directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /summary-of-summaries directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /weather-ai directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /webmcp-evals directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.1 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.13.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.13.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.c...\n\n_Description has been truncated_","html_url":"https://github.com/danielbodnar/web-ai-demos/pull/19","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielbodnar%2Fweb-ai-demos/issues/19","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/19/packages"},{"uuid":"4515759645","node_id":"PR_kwDOPbA0lM7e-utH","number":8,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 5 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T09:14:21.000Z","updated_at":"2026-05-25T09:18:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"turbo","old_version":"1.10.16","new_version":"2.9.14","repository_url":"https://github.com/vercel/turborepo"},{"name":"axios","old_version":"1.12.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"dompurify","old_version":"3.2.6","new_version":"3.4.0","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"uuid","old_version":"10.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@opentelemetry/sdk-node","old_version":"0.54.2","new_version":"0.217.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"langsmith","old_version":"0.4.12","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"vm2","old_version":"3.10.5","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [turbo](https://github.com/vercel/turborepo) | `1.10.16` | `2.9.14` |\n| [axios](https://github.com/axios/axios) | `1.12.0` | `1.15.2` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.2.6` | `3.4.0` |\n| [uuid](https://github.com/uuidjs/uuid) | `10.0.0` | `14.0.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.54.2` | `0.217.0` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.4.12` | `0.6.0` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.10.5` | `3.11.3` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/agentflow directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 4 updates in the /packages/components directory: [axios](https://github.com/axios/axios), [uuid](https://github.com/uuidjs/uuid), [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 3 updates in the /packages/server directory: [axios](https://github.com/axios/axios), [uuid](https://github.com/uuidjs/uuid) and [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js).\nBumps the npm_and_yarn group with 3 updates in the /packages/ui directory: [axios](https://github.com/axios/axios), [dompurify](https://github.com/cure53/DOMPurify) and [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `turbo` from 1.10.16 to 2.9.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains important security fixes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eHigh:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm\"\u003eGHSA-5xc8-49mv-x4mm: Turborepo VSCode Extension command injection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eLow:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r\"\u003eGHSA-hcf7-66rw-9f5r: Login callback CSRF/session fixation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726\"\u003eGHSA-3qcw-2rhx-2726: Unexpected local code execution during Yarn Berry detection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Release 2.9.13 by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12803\"\u003evercel/turborepo#12803\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eTurborepo v2.9.13-canary.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.11-canary.7 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12768\"\u003evercel/turborepo#12768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow \u003ccode\u003e$TURBO_EXTENDS$\u003c/code\u003e in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12770\"\u003evercel/turborepo#12770\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.11 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12771\"\u003evercel/turborepo#12771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow transit nodes in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12773\"\u003evercel/turborepo#12773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/blob/main/RELEASE.md\"\u003eturbo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease Documentation\u003c/h1\u003e\n\u003ch2\u003eQuick Start\u003c/h2\u003e\n\u003ch3\u003eAutomated Canary Releases\u003c/h3\u003e\n\u003cp\u003eCanary releases run on an hourly schedule via the [Release workflow][1]:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eRuns every hour via cron, skipping if no relevant files (\u003ccode\u003ecrates/\u003c/code\u003e, \u003ccode\u003epackages/\u003c/code\u003e, \u003ccode\u003ecli/\u003c/code\u003e) changed since the last canary tag\u003c/li\u003e\n\u003cli\u003eSkips if the latest commit is a release PR merge (to avoid releasing the version bump itself)\u003c/li\u003e\n\u003cli\u003ePublishes to npm with the \u003ccode\u003ecanary\u003c/code\u003e tag\u003c/li\u003e\n\u003cli\u003eOpens a PR with auto-merge enabled to merge the version bump back to \u003ccode\u003emain\u003c/code\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eNo manual intervention required for canary releases.\u003c/p\u003e\n\u003ch3\u003eManual Releases (Stable/Custom)\u003c/h3\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eCreate a release by triggering the [Turborepo Release][1] workflow\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFor stable releases, use \u003ccode\u003epatch\u003c/code\u003e, \u003ccode\u003eminor\u003c/code\u003e, or \u003ccode\u003emajor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFor custom pre-releases, use \u003ccode\u003eprepatch\u003c/code\u003e, \u003ccode\u003epreminor\u003c/code\u003e, or \u003ccode\u003epremajor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCheck the \u0026quot;Dry Run\u0026quot; box to test the workflow without publishing\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA PR is automatically opened to merge the release branch back into \u003ccode\u003emain\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMerge this promptly to avoid conflicts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch3\u003eRelease \u003ccode\u003e@turbo/repository\u003c/code\u003e\u003c/h3\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eRun [\u003ccode\u003ebump-version.sh\u003c/code\u003e][4] to update the versions of the packages. Merge in the changes to \u003ccode\u003emain\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCreate a release by triggering the [Turborepo Library Release][5] workflow.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCheck the \u0026quot;Dry Run\u0026quot; box to run the full release workflow without publishing any packages.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch3\u003eNotes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Release Notes are published automatically using the config from [\u003ccode\u003eturborepo-release.yml\u003c/code\u003e][2],\ntriggered by the [\u003ccode\u003eturbo-orchestrator\u003c/code\u003e][3] bot.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003eTurborepo CLI Release Process - In-Depth Guide\u003c/h2\u003e\n\u003cp\u003eThis section provides comprehensive documentation on how the Turborepo CLI is released, including the architecture, workflows, and detailed step-by-step processes.\u003c/p\u003e\n\u003ch3\u003eTable of Contents\u003c/h3\u003e\n\u003col\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#architecture-overview\"\u003eArchitecture Overview\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#automated-canary-releases\"\u003eAutomated Canary Releases\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#version-management\"\u003eVersion Management\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#release-workflow-stages\"\u003eRelease Workflow Stages\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#packages-released\"\u003ePackages Released\u003c/a\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fc62fe0d9c347d1d24f0ed8946284856593ddb93\"\u003e\u003ccode\u003efc62fe0\u003c/code\u003e\u003c/a\u003e publish 2.9.14 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fb8c9aec0f9e83f95783659a5ce9c4478cf62cb9\"\u003e\u003ccode\u003efb8c9ae\u003c/code\u003e\u003c/a\u003e chore: Release 2.9.13 (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12803\"\u003e#12803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/e8e629da4e1fb75231089e91b19be9d327a3e649\"\u003e\u003ccode\u003ee8e629d\u003c/code\u003e\u003c/a\u003e fix: Avoid project-local Yarn during detection (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12801\"\u003e#12801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/91c90cbf12f524c5c29b713d6472dd5fcdecb309\"\u003e\u003ccode\u003e91c90cb\u003c/code\u003e\u003c/a\u003e fix: Harden VS Code extension command execution (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12800\"\u003e#12800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/84f450894e87da1eed864d51f6f637f26980d560\"\u003e\u003ccode\u003e84f4508\u003c/code\u003e\u003c/a\u003e fix: Validate auth callback state (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/1779ad7901384f106236a6e196059e4929745514\"\u003e\u003ccode\u003e1779ad7\u003c/code\u003e\u003c/a\u003e Removed unneeded import form hash creation script in docs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12799\"\u003e#12799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/71f8c90a807ffb9b9876ea8a04f523f473bf5c8d\"\u003e\u003ccode\u003e71f8c90\u003c/code\u003e\u003c/a\u003e test: Validate lockfiles without dependency downloads (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/5fcb96024d503127bb0ed760ebe159b7716c52b3\"\u003e\u003ccode\u003e5fcb960\u003c/code\u003e\u003c/a\u003e ci: Scope GitHub Actions caches by branch (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12788\"\u003e#12788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/4cf9fabc9a6f6c99fe4e2f2da9f35be631be062a\"\u003e\u003ccode\u003e4cf9fab\u003c/code\u003e\u003c/a\u003e ci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12787\"\u003e#12787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/859c629bc401f239ac7980a132746ca90478e17c\"\u003e\u003ccode\u003e859c629\u003c/code\u003e\u003c/a\u003e fix: Restore docs mobile menu (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12782\"\u003e#12782\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v1.10.16...v2.9.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for turbo since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.12.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.12.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.2.6 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eMost relevant changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a problem with \u003ccode\u003eFORBID_TAGS\u003c/code\u003e not winning over \u003ccode\u003eADD_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed several minor problems and typos regarding MathML attributes, thanks \u003ca href=\"https://github.com/DavidOliver\"\u003e\u003ccode\u003e@​DavidOliver\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eADD_ATTR\u003c/code\u003e/\u003ccode\u003eADD_TAGS\u003c/code\u003e function leaking into subsequent array-based calls, thanks \u003ca href=\"https://github.com/1Jesper1\"\u003e\u003ccode\u003e@​1Jesper1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a missing \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrub in \u003ccode\u003eRETURN_DOM\u003c/code\u003e path, thanks \u003ca href=\"https://github.com/bencalif\"\u003e\u003ccode\u003e@​bencalif\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution via \u003ccode\u003eCUSTOM_ELEMENT_HANDLING\u003c/code\u003e, thanks \u003ca href=\"https://github.com/trace37labs\"\u003e\u003ccode\u003e@​trace37labs\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_TAGS\u003c/code\u003e function form bypassing \u003ccode\u003eFORBID_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/eddieran\"\u003e\u003ccode\u003e@​eddieran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_ATTR\u003c/code\u003e predicates skipping URI validation, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eUSE_PROFILES\u003c/code\u003e prototype pollution, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue leading to possible mXSS via Re-Contextualization, thanks \u003ca href=\"https://github.com/researchatfluidattacks\"\u003e\u003ccode\u003e@​researchatfluidattacks\u003c/code\u003e\u003c/a\u003e and others\u003c/li\u003e\n\u003cli\u003eFixed an issue with closing tags leading to possible mXSS, thanks \u003ca href=\"https://github.com/frevadiscor\"\u003e\u003ccode\u003e@​frevadiscor\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a problem with the type dentition patcher after Node version bump\u003c/li\u003e\n\u003cli\u003eFixed freezing BS runs by reducing the tested browsers array\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eAdded needed files for OpenSSF scorecard checks\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePublished Advisories are here:\u003c/strong\u003e\n\u003ca href=\"https://github.com/cure53/DOMPurify/security/advisories?state=published\"\u003ehttps://github.com/cure53/DOMPurify/security/advisories?state=published\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an engine requirement for Node 20 which caused hiccups, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution issue when working with custom elements, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a lenient config parsing in \u003ccode\u003e_isValidAttribute\u003c/code\u003e, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped and removed several dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the test suite after bumping dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u003ccode\u003eADD_FORBID_CONTENTS\u003c/code\u003e setting to extend default list, thanks \u003ca href=\"https://github.com/MariusRumpf\"\u003e\u003ccode\u003e@​MariusRumpf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the ESM import syntax to be more correct, thanks \u003ca href=\"https://github.com/binhpv\"\u003e\u003ccode\u003e@​binhpv\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the SVG \u003ccode\u003emask-type\u003c/code\u003e attribute to default allow-list, thanks \u003ca href=\"https://github.com/prasadrajandran\"\u003e\u003ccode\u003e@​prasadrajandran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded support for \u003ccode\u003eADD_ATTR\u003c/code\u003e and \u003ccode\u003eADD_TAGS\u003c/code\u003e to accept functions, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with the \u003ccode\u003eslot\u003c/code\u003e element being in both SVG and HTML allow-list, thanks \u003ca href=\"https://github.com/Wim-Valgaeren\"\u003e\u003ccode\u003e@​Wim-Valgaeren\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new attributes and elements to default allow-list, thanks \u003ca href=\"https://github.com/elrion018\"\u003e\u003ccode\u003e@​elrion018\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003etagName\u003c/code\u003e parameter to custom element \u003ccode\u003eattributeNameCheck\u003c/code\u003e, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better check for animated \u003ccode\u003ehref\u003c/code\u003e attributes, thanks \u003ca href=\"https://github.com/llamakko\"\u003e\u003ccode\u003e@​llamakko\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated and improved the bundled types, thanks \u003ca href=\"https://github.com/ssi02014\"\u003e\u003ccode\u003e@​ssi02014\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated several tests to better align with new browser encoding behaviors\u003c/li\u003e\n\u003cli\u003eImproved the handling of potentially risky content inside CDATA elements, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved the regular expression for raw-text elements to cover textareas, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b16e0b892e82b1779d62b9928b43c4c4ff290b9\"\u003e\u003ccode\u003e5b16e0b\u003c/code\u003e\u003c/a\u003e Getting 3.x branch ready for 3.4.0 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1250\"\u003e#1250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27\"\u003e\u003ccode\u003e8bcbf73\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c\"\u003e\u003ccode\u003e5faddd6\u003c/code\u003e\u003c/a\u003e fix: engine requirement (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af\"\u003e\u003ccode\u003e0f91e3a\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea\"\u003e\u003ccode\u003ed5ff1a8\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462\"\u003e\u003ccode\u003ec3efd48\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885\"\u003e\u003ccode\u003e988b888\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67\"\u003e\u003ccode\u003e2726c74\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1\"\u003e\u003ccode\u003e6202c7e\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e and jsdom (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1204\"\u003e#1204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80\"\u003e\u003ccode\u003e302b51d\u003c/code\u003e\u003c/a\u003e fix: Expanded the regex ever so slightly to also cover script\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.2.6...3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 10.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@opentelemetry/sdk-node` from 0.54.2 to 0.217.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/releases\"\u003e@​opentelemetry/sdk-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eexperimental/v0.217.0\u003c/h2\u003e\n\u003ch2\u003e0.217.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(otlp-transformer): replace protobufjs trace serialization with custom implementation \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6625\"\u003e#6625\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using \u003ccode\u003ejson-schema-to-typescript\u003c/code\u003e and \u003ccode\u003eajv\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6533\"\u003e#6533\u003c/a\u003e \u003ca href=\"https://github.com/MikeGoldsmith\"\u003e\u003ccode\u003e@​MikeGoldsmith\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration, sdk-node): \u003ccode\u003estartNodeSDK()\u003c/code\u003e code path now uses \u003ccode\u003elog_level\u003c/code\u003e configuration to setup a DiagConsoleLogger \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6668\"\u003e#6668\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eNote that allowed values for \u003ccode\u003elog_level\u003c/code\u003e in a configuration YAML file are \u003cem\u003enot\u003c/em\u003e the same set as for \u003ccode\u003eOTEL_LOG_LEVEL\u003c/code\u003e. Use \u003ccode\u003elog_level: trace\u003c/code\u003e to see \u003cem\u003eall\u003c/em\u003e logs (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=ALL\u003c/code\u003e). Use \u003ccode\u003elog_level: fatal\u003c/code\u003e to effectively disable the SDK's internal diagnostic logger (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=NONE\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003elog_level\u003c/code\u003e is not specified, a diagnostic console logger at \u0026quot;info\u0026quot; level will be setup.\u003c/li\u003e\n\u003cli\u003eAn invalid YAML config file will now result in a noop OTel SDK.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(configuration): do not validate \u003ccode\u003eOTEL_CONFIG_FILE\u003c/code\u003e value before using it for file config \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6643\"\u003e#6643\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6650\"\u003e#6650\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6657\"\u003e#6657\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve handling of enums in generated types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6659\"\u003e#6659\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve the technique for removing '| null' on types the JSON Schema \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6662\"\u003e#6662\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sampler-jaeger-remote): add missing axios dep \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6656\"\u003e#6656\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6674\"\u003e#6674\u003c/a\u003e \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.216.0\u003c/h2\u003e\n\u003ch2\u003e0.216.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6427\"\u003e#6427\u003c/a\u003e \u003ca href=\"https://github.com/ravitheja4531-cell\"\u003e\u003ccode\u003e@​ravitheja4531-cell\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(sdk-node): set TracerProvider in startNodeSDK() \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6607\"\u003e#6607\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(instrumentation-xml-http-request): avoid unwrapping \u003ccode\u003eXMLHttpRequest\u003c/code\u003e API when disabling \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6611\"\u003e#6611\u003c/a\u003e \u003ca href=\"https://github.com/david-luna\"\u003e\u003ccode\u003e@​david-luna\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-fetch): tolerate non-writable \u003ccode\u003eglobalThis.fetch\u003c/code\u003e and fix premature \u003ccode\u003e_isEnabled\u003c/code\u003e / \u003ccode\u003e_isFetchPatched\u003c/code\u003e flips in \u003ccode\u003eenable()\u003c/code\u003e \u003ca href=\"https://github.com/brunorodmoreira\"\u003e\u003ccode\u003e@​brunorodmoreira\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-xhr): resolve relative URLs before matching \u003ccode\u003eignoreUrls\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6551\"\u003e#6551\u003c/a\u003e \u003ca href=\"https://github.com/Maximiliano-Zeballos\"\u003e\u003ccode\u003e@​Maximiliano-Zeballos\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sdk-node): fix setting of ViewOption#name from ConfigurationModel \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6620\"\u003e#6620\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(web-common): add limit for timeout \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6601\"\u003e#6601\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6646\"\u003e#6646\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:house: Internal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest(otlp-transformer): add metrics transform benchmark \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6628\"\u003e#6628\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6636\"\u003e#6636\u003c/a\u003e \u003ca href=\"https://github.com/cjihrig\"\u003e\u003ccode\u003e@​cjihrig\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.215.0\u003c/h2\u003e\n\u003ch2\u003e0.215.0\u003c/h2\u003e\n\u003ch3\u003e:boom: Breaking Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/74cde1b674508ccc0ed2601ac43a80ff2d35114c\"\u003e\u003ccode\u003e74cde1b\u003c/code\u003e\u003c/a\u003e chore: prepare next release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6675\"\u003e#6675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/e8f439adcbec23261d26fcc205f4d2a6d74f16c7\"\u003e\u003ccode\u003ee8f439a\u003c/code\u003e\u003c/a\u003e fix: handle malformed URLs in Prometheus exporter request handler (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6674\"\u003e#6674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ab3a2e280e589a43d705278be5e8c8308b1b4081\"\u003e\u003ccode\u003eab3a2e2\u003c/code\u003e\u003c/a\u003e feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/d5b7d1e5c6cd3c9547137d0cc6a5185b7b5a8155\"\u003e\u003ccode\u003ed5b7d1e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency axios to v1.15.2 [security] (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6670\"\u003e#6670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/c16361877b77828d324733a4c8bed6d2ed10c884\"\u003e\u003ccode\u003ec163618\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to e46ed2c (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6661\"\u003e#6661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ec2bfbe0b2afb9d29725140b2d0350e47e23250d\"\u003e\u003ccode\u003eec2bfbe\u003c/code\u003e\u003c/a\u003e chore(configuration): move config generation scripts into the configuration p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/acc9ecd99591c054e9f3b9d9e36cbd4333bb1411\"\u003e\u003ccode\u003eacc9ecd\u003c/code\u003e\u003c/a\u003e chore(configuration): cosmetic changes to generated types.ts (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6663\"\u003e#6663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/8f008ece4ee20ad7ef55f673c208010ddb59f751\"\u003e\u003ccode\u003e8f008ec\u003c/code\u003e\u003c/a\u003e chore: Move inactive members to emeritus (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6649\"\u003e#6649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/435431e4705fd1fb45eec009a3f831b91e6673cd\"\u003e\u003ccode\u003e435431e\u003c/code\u003e\u003c/a\u003e fix(configuration): improve the technique for removing '| null' on types due ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/42220244e99c5ace5c2ac7365d232d3b9d1038b2\"\u003e\u003ccode\u003e4222024\u003c/code\u003e\u003c/a\u003e fix(configuration): improve handling of enums in generated types (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6659\"\u003e#6659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/compare/experimental/v0.54.2...experimental/v0.217.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​opentelemetry/sdk-node\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.4.12 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced asyn...\n\n_Description has been truncated_","html_url":"https://github.com/Sherlock999xxx/Flowise/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sherlock999xxx%2FFlowise/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"4510907615","node_id":"PR_kwDOPbma_s7evxYs","number":9,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T08:01:28.000Z","updated_at":"2026-05-24T08:03:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"langsmith","old_version":"0.3.49","new_version":"0.3.87","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"@hono/node-server","old_version":"1.17.1","new_version":"1.19.14","repository_url":"https://github.com/honojs/node-server"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"hono","old_version":"4.11.7","new_version":"4.12.22","repository_url":"https://github.com/honojs/hono"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"tar","old_version":"7.5.7","new_version":"7.5.15","repository_url":"https://github.com/isaacs/node-tar"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 9 updates in the /docs/_scripts/js_translation/codeblocks directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.49` | `0.3.87` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.17.1` | `1.19.14` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [hono](https://github.com/honojs/hono) | `4.11.7` | `4.12.22` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.15` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.7` | `7.5.15` |\n\nBumps the npm_and_yarn group with 2 updates in the /libs/cli/js-examples directory: [flatted](https://github.com/WebReflection/flatted) and [picomatch](https://github.com/micromatch/picomatch).\n\nUpdates `langsmith` from 0.3.49 to 0.3.87\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.17.1 to 1.19.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.14\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add custom inspect to lightweight Request/Response to prevent TypeError on console.log by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/340\"\u003ehonojs/node-server#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b5e63a366d9b0ef62ac65fcafd7f69b383b03ff5\"\u003e\u003ccode\u003eb5e63a3\u003c/code\u003e\u003c/a\u003e 1.19.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c02d7770a2d29ea473403211bef0a60639885a28\"\u003e\u003ccode\u003ec02d777\u003c/code\u003e\u003c/a\u003e fix: add custom inspect to lightweight Request/Response to prevent TypeError ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.17.1...v1.19.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.5.3 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.5.3...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.11.7 to 4.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: update vitest to v4 and cleanups by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4952\"\u003ehonojs/hono#4952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(mime): specify charset parameter per MIME type instead of mechanical detection by \u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(compress): respect Accept-Encoding when encoding option is set by \u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deno): echo negotiated WebSocket subprotocol in upgrade response by \u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add msgpack as a compressible content type by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.21...v4.12.22\"\u003ehttps://github.com/honojs/hono/compare/v4.12.21...v4.12.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.20\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(route): preserve the base path of the mounted route() app by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4942\"\u003ehonojs/hono#4942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(jsx): widen jsx and jsxFn children to Child[] by \u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.20\"\u003ehttps://github.com/honojs/hono/compare/v4.12.19...v4.12.20\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/2f01b774b168911d24e4864fb66054f5de9d9a4e\"\u003e\u003ccode\u003e2f01b77\u003c/code\u003e\u003c/a\u003e 4.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6bc0dff277684ee50ace6dc87a7ad73a9c131c99\"\u003e\u003ccode\u003e6bc0dff\u003c/code\u003e\u003c/a\u003e feat: add msgpack as a compressible content type (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4957\"\u003e#4957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7e0555d14c72d4204347ac9afaae32ba5c013ab9\"\u003e\u003ccode\u003e7e0555d\u003c/code\u003e\u003c/a\u003e fix(deno): echo negotiated WebSocket subprotocol in upgrade response (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f0ed2465913f2a89ebdf65cc54d6254915fc3ff6\"\u003e\u003ccode\u003ef0ed246\u003c/code\u003e\u003c/a\u003e fix(compress): respect Accept-Encoding when encoding option is set (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4951\"\u003e#4951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a192df0844724aeaf5cbc6f1ea2f8425d3f8a86a\"\u003e\u003ccode\u003ea192df0\u003c/code\u003e\u003c/a\u003e fix(mime): specify charset parameter per MIME type instead of mechanical dete...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/cf6ef7056a59acdc5cd2eacdca201147885d3e54\"\u003e\u003ccode\u003ecf6ef70\u003c/code\u003e\u003c/a\u003e chore: update vitest to v4 and cleanups (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4952\"\u003e#4952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a83ddb882e0c0b8c336050dba087bb2e1b12488e\"\u003e\u003ccode\u003ea83ddb8\u003c/code\u003e\u003c/a\u003e 4.12.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1\"\u003e\u003ccode\u003e6cbb025\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c831020fb1fa2e929d222f6c84e1abfe013e512b\"\u003e\u003ccode\u003ec831020\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/905aedbc20661e0e2fa378783a7ec44a5c3df43d\"\u003e\u003ccode\u003e905aedb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.11.7...v4.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.7 to 7.5.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/d6611ae951056addb77c6e11baf7bcc9d7648e46\"\u003e\u003ccode\u003ed6611ae\u003c/code\u003e\u003c/a\u003e 7.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/119c401f4f7efbeb112d28f9dfc9c489674c9a79\"\u003e\u003ccode\u003e119c401\u003c/code\u003e\u003c/a\u003e fix(extract): prevent raced symlink writes outside cwd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2a294d3fbb24c18dc80f31059f49dd9af15653fe\"\u003e\u003ccode\u003e2a294d3\u003c/code\u003e\u003c/a\u003e 7.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/01082a42c3256ca6054f9627911cce4dbfe00d92\"\u003e\u003ccode\u003e01082a4\u003c/code\u003e\u003c/a\u003e fix: reject top promise on floating addFilesAsync rejections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/dd1c36ab7acff26e5a34935d17f27a45bb088db3\"\u003e\u003ccode\u003edd1c36a\u003c/code\u003e\u003c/a\u003e linting\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GlacierEQ/langgraph/network/alerts).\n\n\u003c/details\u003e\n\n---\n\n🔧 This PR updates 9 npm dependencies across two directories to their latest versions, including security fixes and performance improvements. The updates span various packages from web frameworks (Hono) to utility libraries (flatted, picomatch) and build tools (PostCSS).\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Documentation Scripts**: Updated 9 packages in `/docs/_scripts/js_translation/codeblocks/yarn.lock` including major version bumps for Hono (4.11.7 → 4.12.22) and LangSmith (0.3.49 → 0.3.87)\n- **CLI Examples**: Updated 2 packages in `/libs/cli/js-examples/yarn.lock` with flatted and picomatch receiving the same security updates\n- **Security Fixes**: Multiple packages include critical security patches, particularly picomatch (CVE fixes) and flatted (CWE-1321 fix)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 9 Outdated Packages]\n    B --\u003e C[docs/_scripts/js_translation/codeblocks]\n    B --\u003e D[libs/cli/js-examples]\n    C --\u003e E[Update langsmith 0.3.49→0.3.87]\n    C --\u003e F[Update hono 4.11.7→4.12.22]\n    C --\u003e G[Update 7 other packages]\n    D --\u003e H[Update flatted \u0026 picomatch]\n    E --\u003e I[Security \u0026 Performance Improvements]\n    F --\u003e I\n    G --\u003e I\n    H --\u003e I\n```\n\n### Impact\n- **Security Enhancement**: Fixes multiple CVEs in picomatch and CWE-1321 in flatted, addressing potential security vulnerabilities\n- **Performance Improvements**: PostCSS parsing optimizations and Hono framework enhancements for better request handling\n- **Stability Updates**: Bug fixes across multiple packages including tar, minimatch, and fast-xml-parser for improved reliability\n- **Maintenance**: Keeps dependencies current with latest patches and reduces technical debt\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/langgraph/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Flanggraph/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4509682342","node_id":"PR_kwDOSL-hY87esQSX","number":80,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 17 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T21:41:31.000Z","updated_at":"2026-05-23T21:42:16.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"next","old_version":"16.2.4","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"axios","old_version":"1.15.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"ws","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"next","old_version":"15.5.15","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"qs","old_version":"6.15.1","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /apps/dex directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 2 updates in the /apps/inferstructor-dashboard directory: [axios](https://github.com/axios/axios) and [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /apps/wallet directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /apps/x3-desktop directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 2 updates in the /apps/x3-desktop/rag-bot directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 2 updates in the /apps/x3-intelligence directory: [ws](https://github.com/websockets/ws) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 2 updates in the /contracts/botchain-tri-vm-genesis/hardhat directory: [qs](https://github.com/ljharb/qs) and [fast-uri](https://github.com/fastify/fast-uri).\nBumps the npm_and_yarn group with 1 update in the /infra-structure/dashboard directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /infra-structure/services/blockchain-tps directory: [ws](https://github.com/websockets/ws) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /infra-structure/services/chain-db directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 2 updates in the /infra/blockchain-tps directory: [ws](https://github.com/websockets/ws) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /packages/blockchain-connector directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 2 updates in the /packages/polkawallet-plugin directory: [ws](https://github.com/websockets/ws) and [fast-uri](https://github.com/fastify/fast-uri).\nBumps the npm_and_yarn group with 1 update in the /scripts_infrastructure/coordinator directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /scripts_infrastructure/relayer directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /scripts_infrastructure/testnet directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /x3fronend directory: [ws](https://github.com/websockets/ws).\n\nUpdates `next` from 16.2.4 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.4...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.15.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.20.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.5.15 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.4...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.19.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.0 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2381\"\u003elangchain-ai/langsmith-sdk#2381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): Convert JS release workflow to use OIDC by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2383\"\u003elangchain-ai/langsmith-sdk#2383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): run evaluations as examples complete by \u003ca href=\"https://github.com/bees\"\u003e\u003ccode\u003e@​bees\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2349\"\u003elangchain-ai/langsmith-sdk#2349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Restore default concurrency behavior for JS eval runner by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2385\"\u003elangchain-ai/langsmith-sdk#2385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js,py): Adds backcompat for old prompt cache API by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2386\"\u003elangchain-ai/langsmith-sdk#2386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add system message visibility to Anthropic wrapper traces by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2388\"\u003elangchain-ai/langsmith-sdk#2388\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.19.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.15.1 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com...\n\n_Description has been truncated_\n\n\u003c!-- RECURSEML_SUMMARY:START --\u003e\n## High-level PR Summary\nThis PR updates npm dependencies across 17 directories in a monorepo, primarily applying security patches for `next` (16.2.4→16.2.6 and 15.5.15→15.5.18), `axios` (1.15.0→1.15.2 and 1.16.0→1.16.1), `ws` (8.19.0/8.20.0→8.21.0), `langsmith` (0.5.26→0.7.2), `qs` (6.14.2/6.15.1→6.15.2), `express` (4.22.1→4.22.2), `body-parser` (1.20.4→1.20.5), and `fast-uri` (3.1.0→3.1.2). The updates address multiple high-severity security vulnerabilities including DoS attacks, middleware/proxy bypasses, XSS vulnerabilities, SSRF issues, prototype pollution, cache poisoning, and memory exhaustion bugs.\n\n⏱️ Estimated Review Time: 30-90 minutes\n\n\u003cdetails\u003e\n\u003csummary\u003e💡 Review Order Suggestion\u003c/summary\u003e\n\n| Order | File Path |\n|-------|-----------|\n| 1 | `apps/dex/package.json` |\n| 2 | `apps/dex/package-lock.json` |\n| 3 | `apps/wallet/package.json` |\n| 4 | `apps/wallet/package-lock.json` |\n| 5 | `apps/inferstructor-dashboard/package.json` |\n| 6 | `apps/inferstructor-dashboard/package-lock.json` |\n| 7 | `infra-structure/dashboard/package.json` |\n| 8 | `infra-structure/dashboard/package-lock.json` |\n| 9 | `apps/x3-desktop/package-lock.json` |\n| 10 | `apps/x3-desktop/rag-bot/package.json` |\n| 11 | `apps/x3-desktop/rag-bot/package-lock.json` |\n| 12 | `apps/x3-intelligence/package.json` |\n| 13 | `apps/x3-intelligence/package-lock.json` |\n| 14 | `infra-structure/services/blockchain-tps/package.json` |\n| 15 | `infra-structure/services/blockchain-tps/package-lock.json` |\n| 16 | `infra/blockchain-tps/package.json` |\n| 17 | `infra/blockchain-tps/package-lock.json` |\n| 18 | `infra-structure/services/chain-db/package.json` |\n| 19 | `infra-structure/services/chain-db/package-lock.json` |\n| 20 | `contracts/botchain-tri-vm-genesis/hardhat/package-lock.json` |\n| 21 | `packages/blockchain-connector/package.json` |\n| 22 | `packages/blockchain-connector/package-lock.json` |\n| 23 | `packages/polkawallet-plugin/package-lock.json` |\n| 24 | `scripts_infrastructure/coordinator/package.json` |\n| 25 | `scripts_infrastructure/coordinator/package-lock.json` |\n| 26 | `scripts_infrastructure/relayer/package.json` |\n| 27 | `scripts_infrastructure/relayer/package-lock.json` |\n| 28 | `scripts_infrastructure/testnet/package-lock.json` |\n| 29 | `x3fronend/package-lock.json` |\n| 30 | `packages/ts-sdk/package.json` |\n| 31 | `packages/ts-sdk/package-lock.json` |\n\u003c/details\u003e\n\n\n\n[![Need help? Join our Discord](https://img.shields.io/badge/Need%20help%3F%20Join%20our%20Discord-5865F2?style=plastic\u0026logo=discord\u0026logoColor=white)](https://discord.gg/n3SsVDAW6U)\n\n\u003c!-- RECURSEML_SUMMARY:END --\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across apps and services to pick up security patches and stability fixes. This updates `next`, `axios`, `express`/`body-parser`, `ws`, `qs`, and `fast-uri` with no app code changes.\n\n- **Dependencies**\n  - `next`: `apps/dex` 16.2.4 → 16.2.6; `apps/wallet` 15.1.6 → 15.5.18 (security fixes and bug patches).\n  - `axios`: dashboards 1.15.0 → 1.15.2; `packages/ts-sdk` and Hardhat 1.16.0 → 1.16.1 (header/SSRF hardening, keep‑alive leak fix).\n  - `express` and `body-parser`: services updated to `express` 4.22.2 and `body-parser` 1.20.5 (latest patches).\n  - `ws`: bumped to 8.21.0 where used (DoS mitigation; adds `maxBufferedChunks`/`maxFragments`).\n  - `qs`: upgraded to 6.15.2 (parse/stringify fixes).\n  - `fast-uri`: upgraded to 3.1.2 (minor fixes).\n\n\u003csup\u003eWritten for commit 0dea9450fa738ad90d29b8edc1d82d82abc96d89. Summary will update on new commits. \u003ca href=\"https://cubic.dev/pr/Cyptopimpinainteazy/x3-atomic-star/pull/80?utm_source=github\"\u003eReview in cubic\u003c/a\u003e\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Cyptopimpinainteazy/x3-atomic-star/pull/80","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cyptopimpinainteazy%2Fx3-atomic-star/issues/80","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/80/packages"},{"uuid":"4507783156","node_id":"PR_kwDOPbm3Xs7emcNh","number":10,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 5 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T10:31:29.000Z","updated_at":"2026-05-23T10:36:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@hono/node-server","old_version":"1.14.4","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"hono","old_version":"4.12.0","new_version":"4.12.18","repository_url":"https://github.com/honojs/hono"},{"name":"langsmith","old_version":"0.3.37","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"tar","old_version":"7.5.9","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"2.8.0","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"axios","old_version":"1.13.5","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"defu","old_version":"6.1.4","new_version":"6.1.7","repository_url":"https://github.com/unjs/defu"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.3","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"protobufjs","old_version":"6.11.4","new_version":"6.11.6","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.14.4` | `1.19.13` |\n| [hono](https://github.com/honojs/hono) | `4.12.0` | `4.12.18` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.37` | `0.6.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.9` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `2.8.0` | `2.8.3` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.16.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [defu](https://github.com/unjs/defu) | `6.1.4` | `6.1.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.3` | `8.5.15` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `6.11.4` | `6.11.6` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n\nBumps the npm_and_yarn group with 1 update in the /environment_tests/test-exports-vercel directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 2 updates in the /libs/langgraph-api directory: [uuid](https://github.com/uuidjs/uuid) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /libs/langgraph-cli directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /libs/sdk directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.14.4 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Fix for hono issue 4563 - incorrect content-length after following symlink by \u003ca href=\"https://github.com/tshmieldev\"\u003e\u003ccode\u003e@​tshmieldev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/290\"\u003ehonojs/node-server#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/455015be1697dd89974a68b70350ea7b2d126d2e\"\u003e\u003ccode\u003e455015b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cc05c48d8eb34007d5d5ff3861ea554721387041\"\u003e\u003ccode\u003ecc05c48\u003c/code\u003e\u003c/a\u003e chore: add benchmark for comparing with npm and local (dev) (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/305\"\u003e#305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.14.4...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.12.0 to 4.12.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.18\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eCache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage\u003c/h3\u003e\n\u003cp\u003eAffects: Cache Middleware. Fixes missing cache-skip handling for \u003ccode\u003eVary: Authorization\u003c/code\u003e and \u003ccode\u003eVary: Cookie\u003c/code\u003e, where a response cached for one authenticated user could be served to other users. GHSA-p77w-8qqv-26rm\u003c/p\u003e\n\u003ch3\u003eCSS Declaration Injection via Style Object Values in JSX SSR\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes a missing CSS-context escape for \u003ccode\u003estyle\u003c/code\u003e object values and property names, where untrusted input could inject additional CSS declarations. The impact is limited to CSS and does not allow JavaScript execution. GHSA-qp7p-654g-cw7p\u003c/p\u003e\n\u003ch3\u003eImproper validation of NumericDate claims (exp, nbf, iat) in JWT verify()\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/utils/jwt\u003c/code\u003e. Fixes improper validation of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003enbf\u003c/code\u003e, and \u003ccode\u003eiat\u003c/code\u003e claims, where falsy, non-finite, or non-numeric values could silently bypass time-based checks instead of being rejected per RFC 7519. GHSA-hm8q-7f3q-5f36\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use the JWT helper, hono/jsx, or the Cache middleware are strongly encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.17\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jsx): normalize SVG attributes on the \u003c!-- raw HTML omitted --\u003e root element by \u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e by \u003ca href=\"https://github.com/yuintei\"\u003e\u003ccode\u003e@​yuintei\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4899\"\u003ehonojs/hono#4899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cors): make origin optional in CORSOptions by \u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(types): propagate middleware response types to app.on overloads by \u003ca href=\"https://github.com/T4ko0522\"\u003e\u003ccode\u003e@​T4ko0522\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4906\"\u003ehonojs/hono#4906\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.16...v4.12.17\"\u003ehttps://github.com/honojs/hono/compare/v4.12.16...v4.12.17\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.16\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eUnvalidated JSX Tag Names in hono/jsx May Allow HTML Injection\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes missing validation of JSX tag names when using \u003ccode\u003ejsx()\u003c/code\u003e or \u003ccode\u003ecreateElement()\u003c/code\u003e, which could allow HTML injection if untrusted input is used as the tag name. GHSA-69xw-7hcm-h432\u003c/p\u003e\n\u003ch3\u003ebodyLimit() can be bypassed for chunked / unknown-length requests\u003c/h3\u003e\n\u003cp\u003eAffects: Body Limit Middleware. Fixes late enforcement for request bodies without a reliable Content-Length (e.g. chunked requests), where oversized requests could reach handlers and return successful responses before being rejected. GHSA-9vqf-7f2p-gf9v\u003c/p\u003e\n\u003ch2\u003ev4.12.15\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jwt): support single-line PEM keys by \u003ca href=\"https://github.com/hiendv\"\u003e\u003ccode\u003e@​hiendv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4889\"\u003ehonojs/hono#4889\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f10dee89ced5956b73c1cdc416d6bc0fd54d63b7\"\u003e\u003ccode\u003ef10dee8\u003c/code\u003e\u003c/a\u003e 4.12.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a5bd9ebead279ed9d0239ecbd854f629edfc0e57\"\u003e\u003ccode\u003ea5bd9eb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/58d3d3ad5656e007ed99da1b73865975952de5e9\"\u003e\u003ccode\u003e58d3d3a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/568c2ecc1dd556894fad4dfa4a7ba499db6dba9c\"\u003e\u003ccode\u003e568c2ec\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/ff2b3d31df1be35f7d597a95dd3369402b6e87f2\"\u003e\u003ccode\u003eff2b3d3\u003c/code\u003e\u003c/a\u003e 4.12.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/52aaaf9714b06303ce5caa655b1d80675be687e9\"\u003e\u003ccode\u003e52aaaf9\u003c/code\u003e\u003c/a\u003e fix(types): propagate middleware response types to app.on overloads (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4906\"\u003e#4906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/76d5589e9b0569f4e74ec37e8dd6979455f70dfa\"\u003e\u003ccode\u003e76d5589\u003c/code\u003e\u003c/a\u003e fix(cors): make origin optional in CORSOptions (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4905\"\u003e#4905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/8f027e5574e91e3c7f263a728656e3888559e51a\"\u003e\u003ccode\u003e8f027e5\u003c/code\u003e\u003c/a\u003e fix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4899\"\u003e#4899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/bfba97ca7ea3d4541a3419f1749e5a1a3e8f1727\"\u003e\u003ccode\u003ebfba97c\u003c/code\u003e\u003c/a\u003e fix(jsx): normalize SVG attributes on the \u0026lt;svg\u0026gt; root element (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4893\"\u003e#4893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/90d4182aabd328e2ec6af3f25ec62ddc574ad8cb\"\u003e\u003ccode\u003e90d4182\u003c/code\u003e\u003c/a\u003e 4.12.16\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.0...v4.12.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.3.37 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced async iterators call finally on success by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2230\"\u003elangchain-ai/langsmith-sdk#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.4.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2231\"\u003elangchain-ai/langsmith-sdk#2231\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/71b71893b45953b9f339bc62a8037469da4fc914\"\u003e\u003ccode\u003e71b7189\u003c/code\u003e\u003c/a\u003e feat(python): Bump pydantic to v2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1482c9c3f689680e448da66e75c377a8f5bb00ae\"\u003e\u003ccode\u003e1482c9c\u003c/code\u003e\u003c/a\u003e feat: add prompt cache back and setup environment tests (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3ebe56bd56c16616945e7bf9d6860c2c42f1a782\"\u003e\u003ccode\u003e3ebe56b\u003c/code\u003e\u003c/a\u003e release(js): bump to 0.4.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2259\"\u003e#2259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8b87f144ef5d2c6a5b3e9bf3f86ba49ca571f198\"\u003e\u003ccode\u003e8b87f14\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/43335d5ac9eda253671b0300e38b248e35882f30\"\u003e\u003ccode\u003e43335d5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: add js prompt caching\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ae71b5e7cdc44a8868b8d4de8696bd6b3c70f1ac\"\u003e\u003ccode\u003eae71b5e\u003c/code\u003e\u003c/a\u003e chore(js): bump JS to 0.4.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2253\"\u003e#2253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/9fd842cf020d4825a34ce4bf6aa7d678e6813e34\"\u003e\u003ccode\u003e9fd842c\u003c/code\u003e\u003c/a\u003e bump(python): 0.5.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2256\"\u003e#2256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8fd1283fcf7d0f284f36287ac9975b2ca8661f9a\"\u003e\u003ccode\u003e8fd1283\u003c/code\u003e\u003c/a\u003e fix(claude): correctly parse llm and tool inputs in claude agent sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/2903578ef415dd785b95dc9cce95c1ba2f8f4f23\"\u003e\u003ccode\u003e2903578\u003c/code\u003e\u003c/a\u003e feat: add js prompt caching (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2251\"\u003e#2251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3f1d68058251de9e4204c7b9d5c65729dce401eb\"\u003e\u003ccode\u003e3f1d680\u003c/code\u003e\u003c/a\u003e feat: add prompt caching to python sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2246\"\u003e#2246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.3.37...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.9 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.9...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yaml` from 2.8.0 to 2.8.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eemeli/yaml/releases\"\u003eyaml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.8.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003etrailingComma\u003c/code\u003e ToString option for multiline flow formatting (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCatch stack overflow during node composition (1e84ebb)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSerialize -0 as -0 (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/638\"\u003e#638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not double newlines for empty map values (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/642\"\u003e#642\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve empty block literals (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/634\"\u003e#634\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/ce14587484822bffb0f7d31aefedcaf2dc0d0387\"\u003e\u003ccode\u003ece14587\u003c/code\u003e\u003c/a\u003e 2.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/1e84ebbea7ec35011a4c61bbb820a529ee4f359b\"\u003e\u003ccode\u003e1e84ebb\u003c/code\u003e\u003c/a\u003e fix: Catch stack overflow during node composition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/6b24090280eaaab5040112bba41ccef57f39c2d5\"\u003e\u003ccode\u003e6b24090\u003c/code\u003e\u003c/a\u003e ci: Include Prettier check in lint action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/9424dee38c85163fad53ac27533c7c4bdaf7495d\"\u003e\u003ccode\u003e9424dee\u003c/code\u003e\u003c/a\u003e chore: Refresh lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/d1aca82bc15a4c261bdc58561d32189a5d3a45ef\"\u003e\u003ccode\u003ed1aca82\u003c/code\u003e\u003c/a\u003e Add trailingComma ToString option for multiline flow formatting (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/43215099f7fcdac422d778c15e70d83c691b0e41\"\u003e\u003ccode\u003e4321509\u003c/code\u003e\u003c/a\u003e ci: Drop the branch filter from GitHub PR actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/47207d0fc7d4f863cd5fbdcff1378637bd93e847\"\u003e\u003ccode\u003e47207d0\u003c/code\u003e\u003c/a\u003e chore: Update docs-slate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/5212faeed5936d1fa291d2f28672e4a96e2c2c5d\"\u003e\u003ccode\u003e5212fae\u003c/code\u003e\u003c/a\u003e chore: Update docs-slate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/086fa6b5bae325da18734750cddee231ce578930\"\u003e\u003ccode\u003e086fa6b\u003c/code\u003e\u003c/a\u003e 2.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/95f01e98032ddf199b42bb3ba0737303b35ef752\"\u003e\u003ccode\u003e95f01e9\u003c/code\u003e\u003c/a\u003e chore: Add funding to package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eemeli/yaml/compare/v2.8.0...v2.8.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `defu` from 6.1.4 to 6.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/releases\"\u003edefu's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExport Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://github.com/J-Michalek\"\u003e\u003ccode\u003e@​J-Michalek\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.6\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.5...v6.1.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mixed types (\u003ca href=\"https://github.com/unjs/defu/commit/407b516\"\u003e407b516\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.5\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.5\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore inherited enumerable properties (\u003ca href=\"https://github.com/unjs/defu/commit/11ba022\"\u003e11ba022\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more tests for plain objects (\u003ca href=\"https://github.com/unjs/defu/commit/b65f603\"\u003eb65f603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePooya Parsa (\u003ca href=\"https://github.com/pi0\"\u003e\u003ccode\u003e@​pi0\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/blob/main/CHANGELOG.md\"\u003edefu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edefu.d.cts:\u003c/strong\u003e Export Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://githu...\n\n_Description has been truncated_\n\n---\n\n🔧 This PR updates 19 npm dependencies across 5 directories in the LangGraph project, including major version bumps for uuid (9.0.1→14.0.0), langsmith (0.3.x→0.7.2), and several security-focused updates for hono, axios, and other packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **UUID Library**: Major version upgrade from 9.0.1/10.0.0 to 14.0.0 across 8 packages, introducing Node.js 20+ requirement and security fixes\n- **LangSmith SDK**: Updated from 0.3.x to 0.7.2 in langgraph-api and langgraph-cli, adding AI SDK 6 support and prompt caching features\n- **Hono Framework**: Security updates from 4.12.0 to 4.12.18 fixing cache middleware vulnerabilities, JSX injection issues, and JWT validation problems\n- **Next.js**: Minor update from 15.5.10 to 15.5.18 in test environment\n- **Security Dependencies**: Multiple packages updated with security fixes including axios (prototype pollution), basic-ftp (control character injection), and others\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 19 Updates]\n    B --\u003e C[UUID v14.0.0]\n    B --\u003e D[LangSmith v0.7.2]\n    B --\u003e E[Hono v4.12.18]\n    B --\u003e F[Security Patches]\n    \n    C --\u003e G[Breaking: Node 20+ Required]\n    C --\u003e H[Security: Buffer Validation]\n    \n    D --\u003e I[AI SDK 6 Support]\n    D --\u003e J[Prompt Caching]\n    \n    E --\u003e K[Cache Middleware Fix]\n    E --\u003e L[JSX Security Fix]\n    E --\u003e M[JWT Validation Fix]\n    \n    F --\u003e N[Axios Prototype Pollution]\n    F --\u003e O[Basic-FTP Control Injection]\n```\n\n### Impact\n- **Security Enhancement**: Multiple critical security vulnerabilities addressed across the dependency chain, particularly in web frameworks and HTTP clients\n- **Node.js Compatibility**: Breaking change requiring Node.js 20+ due to UUID library update, but provides better performance and security\n- **Feature Additions**: New capabilities in LangSmith SDK including AI SDK 6 support and prompt caching functionality\n- **Maintenance**: Routine updates to build tools, testing frameworks, and utility libraries ensuring continued compatibility and performance\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/langgraphjs/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Flanggraphjs/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4507528590","node_id":"PR_kwDORmaros7elq-C","number":39,"state":"closed","title":"Bump the npm_and_yarn group across 29 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-23T08:43:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T08:42:26.000Z","updated_at":"2026-05-23T08:43:33.000Z","time_to_close":65,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"langsmith","old_version":"0.3.87","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"axios","old_version":"1.13.6","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.13.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the /skills/abhayjb/mem0 directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/al1enjesus/polyclawster directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/asgherali/usd1 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/autogame-17/feishu-doc directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/autogame-17/feishu-post directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/brianleach/metra directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/brianleach/mta directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/cuongdcdev/near-intents directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/homeofe/clawhub-scanner directory: [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 1 update in the /skills/homeofe/openclaw-docker directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/jefdiesel/clawphunks directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /skills/josephrp/autonomous directory: [axios](https://github.com/axios/axios) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 2 updates in the /skills/jvsteiner/unimarket directory: [axios](https://github.com/axios/axios) and [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p).\nBumps the npm_and_yarn group with 3 updates in the /skills/koatora20/guard-scanner directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [axios](https://github.com/axios/axios) and [openclaw](https://github.com/openclaw/openclaw).\nBumps the npm_and_yarn group with 1 update in the /skills/krunkosaurus/sogni-gen directory: [js-cookie](https://github.com/js-cookie/js-cookie).\nBumps the npm_and_yarn group with 3 updates in the /skills/licc921/safelink directory: [axios](https://github.com/axios/axios), [protobufjs](https://github.com/protobufjs/protobuf.js) and [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p).\nBumps the npm_and_yarn group with 1 update in the /skills/lkocaj/leadflow directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/lucasygu/ttc directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/mohibshaikh/clawvet directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 2 updates in the /skills/sieyer/mem0-1-0-0 directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/silostack/silk directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/silostack/silkyway directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/sumeetghimire/safehub directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/tjamescouch/agentchat directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /skills/topguyaii/hub1 directory: [axios](https://github.com/axios/axios) and [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /skills/w3h9uf/hashbox-plugin directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /skills/wkyleg/bitchat directory: [protobufjs](https://github.com/protobufjs/protobuf.js) and [openclaw](https://github.com/openclaw/openclaw).\nBumps the npm_and_yarn group with 3 updates in the /skills/xray2016/openclaw-mem0 directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk), [protobufjs](https://github.com/protobufjs/protobuf.js) and [openclaw](https://github.com/openclaw/openclaw).\nBumps the npm_and_yarn group with 3 updates in the /skills/xucheng/openclaw-onebot directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [axios](https://github.com/axios/axios) and [openclaw](https://github.com/openclaw/openclaw).\n\nUpdates `langsmith` from 0.3.87 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.0 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2381\"\u003elangchain-ai/langsmith-sdk#2381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): Convert JS release workflow to use OIDC by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2383\"\u003elangchain-ai/langsmith-sdk#2383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): run evaluations as examples complete by \u003ca href=\"https://github.com/bees\"\u003e\u003ccode\u003e@​bees\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2349\"\u003elangchain-ai/langsmith-sdk#2349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Restore default concurrency behavior for JS eval runner by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2385\"\u003elangchain-ai/langsmith-sdk#2385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js,py): Adds backcompat for old prompt cache API by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2386\"\u003elangchain-ai/langsmith-sdk#2386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add system message visibility to Anthropic wrapper traces by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2388\"\u003elangchain-ai/langsmith-sdk#2388\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.6 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href...\n\n_Description has been truncated_","html_url":"https://github.com/kriptoburak/skills-2/pull/39","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kriptoburak%2Fskills-2/issues/39","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/39/packages"},{"uuid":"4506759367","node_id":"PR_kwDORpILzM7ejRvi","number":1,"state":"open","title":"chore(deps): Bump the npm_and_yarn group across 1 directory with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T04:01:50.000Z","updated_at":"2026-05-23T04:02:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"turbo","old_version":"2.8.9","new_version":"2.9.14","repository_url":"https://github.com/vercel/turborepo"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"samlify","old_version":"2.10.0","new_version":"2.13.0","repository_url":"https://github.com/tngan/samlify"},{"name":"ws","old_version":"8.17.1","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"langsmith","old_version":"0.4.12","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"postcss","old_version":"8.4.49","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.32.3","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"uuid","old_version":"10.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"vm2","old_version":"3.10.5","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [turbo](https://github.com/vercel/turborepo) | `2.8.9` | `2.9.14` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [ws](https://github.com/websockets/ws) | `8.17.1` | `8.20.1` |\n| [qs](https://github.com/ljharb/qs) | `6.14.2` | `6.15.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.4.12` | `0.6.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.49` | `8.5.10` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.32.3` | `3.36.0` |\n| [uuid](https://github.com/uuidjs/uuid) | `10.0.0` | `14.0.0` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.10.5` | `3.11.3` |\n\n\nUpdates `turbo` from 2.8.9 to 2.9.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains important security fixes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eHigh:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm\"\u003eGHSA-5xc8-49mv-x4mm: Turborepo VSCode Extension command injection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eLow:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r\"\u003eGHSA-hcf7-66rw-9f5r: Login callback CSRF/session fixation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726\"\u003eGHSA-3qcw-2rhx-2726: Unexpected local code execution during Yarn Berry detection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Release 2.9.13 by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12803\"\u003evercel/turborepo#12803\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eTurborepo v2.9.13-canary.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.11-canary.7 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12768\"\u003evercel/turborepo#12768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow \u003ccode\u003e$TURBO_EXTENDS$\u003c/code\u003e in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12770\"\u003evercel/turborepo#12770\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.11 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12771\"\u003evercel/turborepo#12771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow transit nodes in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12773\"\u003evercel/turborepo#12773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fc62fe0d9c347d1d24f0ed8946284856593ddb93\"\u003e\u003ccode\u003efc62fe0\u003c/code\u003e\u003c/a\u003e publish 2.9.14 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fb8c9aec0f9e83f95783659a5ce9c4478cf62cb9\"\u003e\u003ccode\u003efb8c9ae\u003c/code\u003e\u003c/a\u003e chore: Release 2.9.13 (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12803\"\u003e#12803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/e8e629da4e1fb75231089e91b19be9d327a3e649\"\u003e\u003ccode\u003ee8e629d\u003c/code\u003e\u003c/a\u003e fix: Avoid project-local Yarn during detection (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12801\"\u003e#12801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/91c90cbf12f524c5c29b713d6472dd5fcdecb309\"\u003e\u003ccode\u003e91c90cb\u003c/code\u003e\u003c/a\u003e fix: Harden VS Code extension command execution (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12800\"\u003e#12800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/84f450894e87da1eed864d51f6f637f26980d560\"\u003e\u003ccode\u003e84f4508\u003c/code\u003e\u003c/a\u003e fix: Validate auth callback state (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/1779ad7901384f106236a6e196059e4929745514\"\u003e\u003ccode\u003e1779ad7\u003c/code\u003e\u003c/a\u003e Removed unneeded import form hash creation script in docs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12799\"\u003e#12799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/71f8c90a807ffb9b9876ea8a04f523f473bf5c8d\"\u003e\u003ccode\u003e71f8c90\u003c/code\u003e\u003c/a\u003e test: Validate lockfiles without dependency downloads (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/5fcb96024d503127bb0ed760ebe159b7716c52b3\"\u003e\u003ccode\u003e5fcb960\u003c/code\u003e\u003c/a\u003e ci: Scope GitHub Actions caches by branch (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12788\"\u003e#12788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/4cf9fabc9a6f6c99fe4e2f2da9f35be631be062a\"\u003e\u003ccode\u003e4cf9fab\u003c/code\u003e\u003c/a\u003e ci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12787\"\u003e#12787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/859c629bc401f239ac7980a132746ca90478e17c\"\u003e\u003ccode\u003e859c629\u003c/code\u003e\u003c/a\u003e fix: Restore docs mobile menu (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12782\"\u003e#12782\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.8.9...v2.9.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `samlify` from 2.10.0 to 2.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tngan/samlify/releases\"\u003esamlify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.11 to 0.8.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/603\"\u003etngan/samlify#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/605\"\u003etngan/samlify#605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/606\"\u003etngan/samlify#606\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject promises with Error instances, not raw strings (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/581\"\u003e#581\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/607\"\u003etngan/samlify#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support simpleSign binding for logout request/response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/584\"\u003e#584\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/608\"\u003etngan/samlify#608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: correct the parseResult example in saml-response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/518\"\u003e#518\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/609\"\u003etngan/samlify#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify that wantMessageSigned and signatureConfig are SP options (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/516\"\u003e#516\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/610\"\u003etngan/samlify#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRFC-0001: introduce .skills/ and mandatory SAML 2.0 spec citation workflow by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/611\"\u003etngan/samlify#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request relayState for login + logout (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/163\"\u003e#163\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/612\"\u003etngan/samlify#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: 2026-04 audit — patch vite, fix XXE bypass, reject unknown sig algs by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/613\"\u003etngan/samlify#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: omit AuthnRequest attributes whose value is null/undefined (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/455\"\u003e#455\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/614\"\u003etngan/samlify#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pass SessionIndex through createLogoutRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/615\"\u003etngan/samlify#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: throw a clear error when redirect binding has no SSO/SLO endpoint (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/308\"\u003e#308\u003c/a\u003e \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/405\"\u003e#405\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/617\"\u003etngan/samlify#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLAG (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/453\"\u003e#453\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/616\"\u003etngan/samlify#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/454\"\u003e#454\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/619\"\u003etngan/samlify#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/618\"\u003etngan/samlify#618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/620\"\u003etngan/samlify#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/621\"\u003etngan/samlify#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/622\"\u003etngan/samlify#622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/625\"\u003etngan/samlify#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request AssertionConsumerServiceIndex for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/437\"\u003e#437\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/623\"\u003etngan/samlify#623\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity Audit\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/tngan/samlify/security/advisories/GHSA-34r5-q4jw-r36m\"\u003ehttps://github.com/tngan/samlify/security/advisories/GHSA-34r5-q4jw-r36m\u003c/a\u003e (credit to \u003ca href=\"https://github.com/RootUp\"\u003e\u003ccode\u003e@​RootUp\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tngan/samlify/compare/v2.12.0...v2.13.0\"\u003ehttps://github.com/tngan/samlify/compare/v2.12.0...v2.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.12.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: security audit - XPath injection, XXE protection, dependency update \u003ca href=\"https://github.com/tngan/samlify/commit/ab87376e9e8df4faea21995d99c6821bc7f6898e\"\u003ehttps://github.com/tngan/samlify/commit/ab87376e9e8df4faea21995d99c6821bc7f6898e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: maintain the commonjs build and remove camel case lib import by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/601\"\u003etngan/samlify#601\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tngan/samlify/compare/v2.11.0...v2.12.0\"\u003ehttps://github.com/tngan/samlify/compare/v2.11.0...v2.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Replace node-forge with Node.js native crypto by \u003ca href=\"https://github.com/simplyluke\"\u003e\u003ccode\u003e@​simplyluke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/598\"\u003etngan/samlify#598\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump rollup from 4.53.2 to 4.59.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/597\"\u003etngan/samlify#597\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/596\"\u003etngan/samlify#596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump preact from 10.27.2 to 10.28.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/593\"\u003etngan/samlify#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump mdast-util-to-hast from 13.2.0 to 13.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/589\"\u003etngan/samlify#589\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/simplyluke\"\u003e\u003ccode\u003e@​simplyluke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/598\"\u003etngan/samlify#598\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tngan/samlify/compare/v2.10.2...v2.11.0\"\u003ehttps://github.com/tngan/samlify/compare/v2.10.2...v2.11.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/3230b2b9193654d3090b4c10d8f4be866b8c2351\"\u003e\u003ccode\u003e3230b2b\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/b37a65ce9959c8f3d85a71d22d82eaaac0ef66cb\"\u003e\u003ccode\u003eb37a65c\u003c/code\u003e\u003c/a\u003e fix: escape XML element text in replaceTagsByValue to prevent SAML attribute ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/0235cab01f0a1602ffac89ce28f4e253aace2ff5\"\u003e\u003ccode\u003e0235cab\u003c/code\u003e\u003c/a\u003e feat: per-request AssertionConsumerServiceIndex for createLoginRequest (close...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/a3910b16388d80b76ffc301d6afcc9c6cc640366\"\u003e\u003ccode\u003ea3910b1\u003c/code\u003e\u003c/a\u003e feat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/625\"\u003e#625\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/8f1cc8bf2127eddea7108e3c41ca4086da041574\"\u003e\u003ccode\u003e8f1cc8b\u003c/code\u003e\u003c/a\u003e feat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/622\"\u003e#622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/c393d8108428eaaedda54359a76688124067c950\"\u003e\u003ccode\u003ec393d81\u003c/code\u003e\u003c/a\u003e fix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e)...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/ee738cc9af8515a3d6ae926610382e39853a2b82\"\u003e\u003ccode\u003eee738cc\u003c/code\u003e\u003c/a\u003e feat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e)...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/1c2b9fa8ac23b6ff159c8d7ab2c946c718ec4af5\"\u003e\u003ccode\u003e1c2b9fa\u003c/code\u003e\u003c/a\u003e feat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/803acc17e327a32695750b4f8d60e5cfebfad9cb\"\u003e\u003ccode\u003e803acc1\u003c/code\u003e\u003c/a\u003e fix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/4\"\u003e#4\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/3ee2bc66aabca5e81d7b063948788a36e0976653\"\u003e\u003ccode\u003e3ee2bc6\u003c/code\u003e\u003c/a\u003e fix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLA...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tngan/samlify/compare/v2.10.0...v2.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.17.1 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.17.1...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.4.12 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced async iterators call finally on success by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2230\"\u003elangchain-ai/langsmith-sdk#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.4.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2231\"\u003elangchain-ai/langsmith-sdk#2231\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/71b71893b45953b9f339bc62a8037469da4fc914\"\u003e\u003ccode\u003e71b7189\u003c/code\u003e\u003c/a\u003e feat(python): Bump pydantic to v2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1482c9c3f689680e448da66e75c377a8f5bb00ae\"\u003e\u003ccode\u003e1482c9c\u003c/code\u003e\u003c/a\u003e feat: add prompt cache back and setup environment tests (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3ebe56bd56c16616945e7bf9d6860c2c42f1a782\"\u003e\u003ccode\u003e3ebe56b\u003c/code\u003e\u003c/a\u003e release(js): bump to 0.4.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2259\"\u003e#2259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8b87f144ef5d2c6a5b3e9bf3f86ba49ca571f198\"\u003e\u003ccode\u003e8b87f14\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/43335d5ac9eda253671b0300e38b248e35882f30\"\u003e\u003ccode\u003e43335d5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: add js prompt caching\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ae71b5e7cdc44a8868b8d4de8696bd6b3c70f1ac\"\u003e\u003ccode\u003eae71b5e\u003c/code\u003e\u003c/a\u003e chore(js): bump JS to 0.4.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2253\"\u003e#2253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/9fd842cf020d4825a34ce4bf6aa7d678e6813e34\"\u003e\u003ccode\u003e9fd842c\u003c/code\u003e\u003c/a\u003e bump(python): 0.5.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2256\"\u003e#2256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8fd1283fcf7d0f284f36287ac9975b2ca8661f9a\"\u003e\u003ccode\u003e8fd1283\u003c/code\u003e\u003c/a\u003e fix(claude): correctly parse llm and tool inputs in claude agent sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/2903578ef415dd785b95dc9cce95c1ba2f8f4f23\"\u003e\u003ccode\u003e2903578\u003c/code\u003e\u003c/a\u003e feat: add js prompt caching (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2251\"\u003e#2251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3f1d68058251de9e4204c7b9d5c65729dce401eb\"\u003e\u003ccode\u003e3f1d680\u003c/code\u003e\u003c/a\u003e feat: add prompt caching to python sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2246\"\u003e#2246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.12...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.49 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.49...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://...\n\n_Description has been truncated_","html_url":"https://github.com/stvn101/n8n/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/stvn101%2Fn8n/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4506755527","node_id":"PR_kwDOQR8Hk87ejRCl","number":80,"state":"open","title":"chore(deps)(deps): bump the backend-minor-patch group across 1 directory with 34 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T03:59:59.000Z","updated_at":"2026-05-23T04:00:00.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"backend-minor-patch","update_count":34,"packages":[{"name":"@ai-sdk/langchain","old_version":"2.0.174","new_version":"2.0.197","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"3.0.53","new_version":"3.0.65","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/react","old_version":"3.0.170","new_version":"3.0.193","repository_url":"https://github.com/vercel/ai"},{"name":"@anthropic-ai/sdk","old_version":"0.92.0","new_version":"0.98.0","repository_url":"https://github.com/anthropics/anthropic-sdk-typescript"},{"name":"@aws-sdk/client-s3","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@elevenlabs/elevenlabs-js","old_version":"2.25.1","new_version":"2.49.1","repository_url":"https://github.com/elevenlabs/elevenlabs-js"},{"name":"@fal-ai/client","old_version":"1.7.0","new_version":"1.10.1","repository_url":"https://github.com/fal-ai/fal-js"},{"name":"@langchain/langgraph","old_version":"1.2.9","new_version":"1.3.2","repository_url":"https://github.com/langchain-ai/langgraphjs"},{"name":"@langchain/openai","old_version":"1.4.4","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@mozilla/readability","old_version":"0.5.0","new_version":"0.6.0","repository_url":"https://github.com/mozilla/readability"},{"name":"@opentelemetry/auto-instrumentations-node","old_version":"0.74.0","new_version":"0.76.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js-contrib"},{"name":"@opentelemetry/exporter-trace-otlp-http","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/sdk-node","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@sentry/node","old_version":"10.51.0","new_version":"10.53.1","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"ai","old_version":"6.0.168","new_version":"6.0.191","repository_url":"https://github.com/vercel/ai"},{"name":"bcryptjs","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/dcodeIO/bcrypt.js"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.77.1","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"cors","old_version":"2.8.5","new_version":"2.8.6","repository_url":"https://github.com/expressjs/cors"},{"name":"docx","old_version":"9.5.1","new_version":"9.6.1","repository_url":"https://github.com/dolanmiu/docx"},{"name":"docxtemplater","old_version":"3.67.1","new_version":"3.68.7","repository_url":"https://github.com/open-xml-templating/docxtemplater"},{"name":"express-session","old_version":"1.18.2","new_version":"1.19.0","repository_url":"https://github.com/expressjs/session"},{"name":"express-validator","old_version":"7.3.0","new_version":"7.3.2","repository_url":"https://github.com/express-validator/express-validator"},{"name":"fast-xml-parser","old_version":"5.7.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"google-auth-library","old_version":"10.5.0","new_version":"10.6.2","repository_url":"https://github.com/googleapis/google-cloud-node-core"},{"name":"jsonwebtoken","old_version":"9.0.2","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"langchain","old_version":"1.3.4","new_version":"1.4.2","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langsmith","old_version":"0.5.25","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"pdfkit","old_version":"0.17.2","new_version":"0.18.0","repository_url":"https://github.com/foliojs/pdfkit"},{"name":"playwright","old_version":"1.56.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"sharp","old_version":"0.34.4","new_version":"0.34.5","repository_url":"https://github.com/lovell/sharp"},{"name":"user-agents","old_version":"2.1.42","new_version":"2.1.68","repository_url":"https://github.com/intoli/user-agents"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"nodemon","old_version":"3.1.10","new_version":"3.1.14","repository_url":"https://github.com/remy/nodemon"}],"path":null,"ecosystem":"npm"},"body":"Bumps the backend-minor-patch group with 34 updates in the /backend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@ai-sdk/langchain](https://github.com/vercel/ai/tree/HEAD/packages/langchain) | `2.0.174` | `2.0.197` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.53` | `3.0.65` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.170` | `3.0.193` |\n| [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.92.0` | `0.98.0` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1050.0` | `3.1053.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1050.0` | `3.1053.0` |\n| [@elevenlabs/elevenlabs-js](https://github.com/elevenlabs/elevenlabs-js) | `2.25.1` | `2.49.1` |\n| [@fal-ai/client](https://github.com/fal-ai/fal-js/tree/HEAD/libs/client) | `1.7.0` | `1.10.1` |\n| [@langchain/langgraph](https://github.com/langchain-ai/langgraphjs/tree/HEAD/libs/langgraph-core) | `1.2.9` | `1.3.2` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.4.4` | `1.4.7` |\n| [@mozilla/readability](https://github.com/mozilla/readability) | `0.5.0` | `0.6.0` |\n| [@opentelemetry/auto-instrumentations-node](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/auto-instrumentations-node) | `0.74.0` | `0.76.0` |\n| [@opentelemetry/exporter-trace-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.51.0` | `10.53.1` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.168` | `6.0.191` |\n| [bcryptjs](https://github.com/dcodeIO/bcrypt.js) | `3.0.2` | `3.0.3` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.77.1` |\n| [cors](https://github.com/expressjs/cors) | `2.8.5` | `2.8.6` |\n| [docx](https://github.com/dolanmiu/docx) | `9.5.1` | `9.6.1` |\n| [docxtemplater](https://github.com/open-xml-templating/docxtemplater) | `3.67.1` | `3.68.7` |\n| [express-session](https://github.com/expressjs/session) | `1.18.2` | `1.19.0` |\n| [express-validator](https://github.com/express-validator/express-validator) | `7.3.0` | `7.3.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.7.3` | `5.8.0` |\n| [google-auth-library](https://github.com/googleapis/google-cloud-node-core/tree/HEAD/packages/google-auth-library-nodejs) | `10.5.0` | `10.6.2` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `9.0.2` | `9.0.3` |\n| [langchain](https://github.com/langchain-ai/langchainjs) | `1.3.4` | `1.4.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.5.25` | `0.7.2` |\n| [pdfkit](https://github.com/foliojs/pdfkit) | `0.17.2` | `0.18.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.56.1` | `1.60.0` |\n| [sharp](https://github.com/lovell/sharp) | `0.34.4` | `0.34.5` |\n| [user-agents](https://github.com/intoli/user-agents) | `2.1.42` | `2.1.68` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n| [nodemon](https://github.com/remy/nodemon) | `3.1.10` | `3.1.14` |\n\n\nUpdates `@ai-sdk/langchain` from 2.0.174 to 2.0.197\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/langchain's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/langchain@2.0.197/packages/langchain/CHANGELOG.md\"\u003e@​ai-sdk/langchain's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/langchain@2.0.197/packages/langchain\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/openai` from 3.0.53 to 3.0.65\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md\"\u003e@​ai-sdk/openai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.64\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.63\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [f591416]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.27\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.62\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e65edcca: feat: add allowedTools provider option for OpenAI Responses\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.61\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb93f9b4: feat(provider/openai): forward imageDetail providerOptions on tool-result image content\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.60\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e6dcd8e6: feat(openai): add GPT-5.5 chat model IDs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.59\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.58\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2370948: feat(openai): preserve \u003ccode\u003enamespace\u003c/code\u003e on function_call output items\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.57\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/eb523789b342aa21742c0a06f531604782820aff\"\u003e\u003ccode\u003eeb52378\u003c/code\u003e\u003c/a\u003e Backport: fix(openai): skip passing reasoning items when using previous respo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b7ed8bdac18d2e71b4c392f08c8d8f03204ca8f4\"\u003e\u003ccode\u003eb7ed8bd\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add opt-in pass-through for unsupported file media ty...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e3ccdb5987c07459ffd9be56088c5ac9d142fba2\"\u003e\u003ccode\u003ee3ccdb5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15094\"\u003e#15094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bf9de314a7e747019d73dedad7c840da25cc94d5\"\u003e\u003ccode\u003ebf9de31\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15046\"\u003e#15046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/65edcca7edb360ea6c3fa703ff5662c893e9ec0b\"\u003e\u003ccode\u003e65edcca\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add allowedTools provider option for Responses (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15044\"\u003e#15044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/ee37690cc8bcf97710ba391dde4fdfca3c1e1405\"\u003e\u003ccode\u003eee37690\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15020\"\u003e#15020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b93f9b4f806c59fce982c42d4dfa7d19f4a1f928\"\u003e\u003ccode\u003eb93f9b4\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): forward imageDetail providerOptions on tool-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c7061114178e8bf86cc9ac604ebbbe0e7866c7eb\"\u003e\u003ccode\u003ec706111\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/14971\"\u003e#14971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 3.0.170 to 3.0.193\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.193/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.189\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.188\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.193/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@anthropic-ai/sdk` from 0.92.0 to 0.98.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/releases\"\u003e@​anthropic-ai/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esdk: v0.98.0\u003c/h2\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.1\u003c/h2\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.0\u003c/h2\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.96.0\u003c/h2\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/sdk's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/32ce8c0d08074532deb3a3be9dc128cd7924092e\"\u003e\u003ccode\u003e32ce8c0\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1873a96304c3212b54de9f7b0db9a1df18583b1c\"\u003e\u003ccode\u003e1873a96\u003c/code\u003e\u003c/a\u003e feat(api): Add support for thinking-token-count beta for estimated tokens in ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/ac9ece3c566b4488dcf73849c17b656ec2d7d17d\"\u003e\u003ccode\u003eac9ece3\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1987147935325ea6b1e0f96cea6851c9d407e6c2\"\u003e\u003ccode\u003e1987147\u003c/code\u003e\u003c/a\u003e fix(runner): skip tool calls SessionToolRunner does not own\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/409ff0e5027422a5ede84280cb851c1de108c246\"\u003e\u003ccode\u003e409ff0e\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/1052\"\u003e#1052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/a53f60d59ca904f3e79296586642aac3ce68ae02\"\u003e\u003ccode\u003ea53f60d\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/d1b8d04617c5167f1296520b4c9b1156d0482159\"\u003e\u003ccode\u003ed1b8d04\u003c/code\u003e\u003c/a\u003e feat(api): Add support for cache diagnostics beta\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/8e43bf81bc7029411e5a3b81b485d8dda364b376\"\u003e\u003ccode\u003e8e43bf8\u003c/code\u003e\u003c/a\u003e chore(api): spec updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/697e4d592bb3a1258788bd3064ac4dc35671e896\"\u003e\u003ccode\u003e697e4d5\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cd5801cbf6cc4db5f6eee155643294feda0ba588\"\u003e\u003ccode\u003ecd5801c\u003c/code\u003e\u003c/a\u003e feat(api): Add BetaManagedAgentsSearchResultBlock types\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.92.0...sdk-v0.98.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/s3-request-presigner` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/s3-request-presigner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md\"\u003e@​aws-sdk/s3-request-presigner's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/packages/s3-request-presigner\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elevenlabs/elevenlabs-js` from 2.25.1 to 2.49.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/releases\"\u003e@​elevenlabs/elevenlabs-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.49.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Speech Engine] Add full response to Speech Engine API calls by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/396\"\u003eelevenlabs/elevenlabs-js#396\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.49.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new environment for publish action by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/385\"\u003eelevenlabs/elevenlabs-js#385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ws from 8.18.3 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/388\"\u003eelevenlabs/elevenlabs-js#388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/389\"\u003eelevenlabs/elevenlabs-js#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/390\"\u003eelevenlabs/elevenlabs-js#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/391\"\u003eelevenlabs/elevenlabs-js#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSDK regeneration by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/393\"\u003eelevenlabs/elevenlabs-js#393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.48.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd environment configuration to conversation initiation data and events by \u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 18, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/384\"\u003eelevenlabs/elevenlabs-js#384\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.47.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 12, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/381\"\u003eelevenlabs/elevenlabs-js#381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpeech Engine SDK by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/365\"\u003eelevenlabs/elevenlabs-js#365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.46.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 7, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/380\"\u003eelevenlabs/elevenlabs-js#380\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.45.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd keyterms and noVerbatim to Scribe realtime API by \u003ca href=\"https://github.com/kraenhansen\"\u003e\u003ccode\u003e@​kraenhansen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/376\"\u003eelevenlabs/elevenlabs-js#376\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/de61f83d12c24caaeddbe5127e980d623a146219\"\u003e\u003ccode\u003ede61f83\u003c/code\u003e\u003c/a\u003e [Speech Engine] Add full response to Speech Engine API calls (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/396\"\u003e#396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/ce5e816b02d6ee652e144660cde533225a31d56f\"\u003e\u003ccode\u003ece5e816\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/393\"\u003e#393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/c316672d7fc9d3bf902b633226969929adad0dca\"\u003e\u003ccode\u003ec316672\u003c/code\u003e\u003c/a\u003e Bump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/391\"\u003e#391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/90a0b2f7bafec7c4092517cb5baf1a13a202ab0a\"\u003e\u003ccode\u003e90a0b2f\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/390\"\u003e#390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d94bcf977baf7b09d1cc0fb3370d12b2f24b4ecd\"\u003e\u003ccode\u003ed94bcf9\u003c/code\u003e\u003c/a\u003e Bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/4ead10594456ef36f6488006c8fde76d3b027c70\"\u003e\u003ccode\u003e4ead105\u003c/code\u003e\u003c/a\u003e Bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/388\"\u003e#388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d76478e7a1691c17dee4ada1383afc87a1b7a38a\"\u003e\u003ccode\u003ed76478e\u003c/code\u003e\u003c/a\u003e Bump ws from 8.18.3 to 8.20.1 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/387\"\u003e#387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/6c791ba134eb9231187faecf04b038121150c697\"\u003e\u003ccode\u003e6c791ba\u003c/code\u003e\u003c/a\u003e Add new environment for publish action (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/385\"\u003e#385\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/f1b560be66c2c5311362ee7a01a8de009e92ccb7\"\u003e\u003ccode\u003ef1b560b\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/384\"\u003e#384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/082f76b59c4a365e967210f2b89ebafba99c90b1\"\u003e\u003ccode\u003e082f76b\u003c/code\u003e\u003c/a\u003e Add environment configuration to conversation initiation data and events (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.25.1...v2.49.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fal-ai/client` from 1.7.0 to 1.10.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fal-ai/fal-js/releases\"\u003e@​fal-ai/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eclient-v1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(client): retry Node-level transport errors in subscribe/dispatch by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/211\"\u003efal-ai/fal-js#211\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(client): allow proxy middleware in non-browser runtimes by \u003ca href=\"https://github.com/drochetti\"\u003e\u003ccode\u003e@​drochetti\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/209\"\u003efal-ai/fal-js#209\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecleanup realtime state machine and support live references by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/202\"\u003efal-ai/fal-js#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: supply chain security, enforce minimum age for node dependencies by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update endpoint types by \u003ca href=\"https://github.com/aykutkardas\"\u003e\u003ccode\u003e@​aykutkardas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/192\"\u003efal-ai/fal-js#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(client): expose lifecycle ACL options in storage settings by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/208\"\u003efal-ai/fal-js#208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: pin GitHub Actions to full commit SHAs by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/207\"\u003efal-ai/fal-js#207\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(realtime): refresh tokens in background without dropping the WebSocket connection by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/200\"\u003efal-ai/fal-js#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/442a7571dfa5ea5cf9d2a1192113f207f9bd718c\"\u003e\u003ccode\u003e442a757\u003c/code\u003e\u003c/a\u003e fix(client): retry Node-level transport errors in subscribe/dispatch (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/211\"\u003e#211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f12065b6204df92b5b46db11860a7dd3753bd879\"\u003e\u003ccode\u003ef12065b\u003c/code\u003e\u003c/a\u003e feat(client): allow proxy middleware in non-browser runtimes (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/209\"\u003e#209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f22b69ec10646df097d5f7c89ae2d7372c0518ed\"\u003e\u003ccode\u003ef22b69e\u003c/code\u003e\u003c/a\u003e chore(client): release 1.9.6 and update reference docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/153ed5697302866752d20c205a85030d929ed48c\"\u003e\u003ccode\u003e153ed56\u003c/code\u003e\u003c/a\u003e feat(client): expose lifecycle ACL options in storage settings (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/208\"\u003e#208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/9830f25d025218a0d5eb684ab5193cad58d95955\"\u003e\u003ccode\u003e9830f25\u003c/code\u003e\u003c/a\u003e chore: update endpoint types (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/192\"\u003e#192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/05d73020ecb04dfc23b6a630794f679e4d43ea86\"\u003e\u003ccode\u003e05d7302\u003c/code\u003e\u003c/a\u003e cleanup realtime state machine and support live references (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/5a97ffa4d4c769501f2bec5f504c6d117d52ad39\"\u003e\u003ccode\u003e5a97ffa\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background and clear on disconnect (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/b8029266fa1db9e1d9d9bdcddbe57deb21bc89e4\"\u003e\u003ccode\u003eb802926\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background without dropping the WebSocket co...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/ea9fc05f35a6919a6a450a9d86f18a3336d73ee0\"\u003e\u003ccode\u003eea9fc05\u003c/code\u003e\u003c/a\u003e fix: use rest.fal.ai (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/6603299cd3f1424b4cfd7bcc6725fe7dae9b80c9\"\u003e\u003ccode\u003e6603299\u003c/code\u003e\u003c/a\u003e feat(client): pass normalized app+path to TokenProvider (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fal-ai/fal-js/commits/client-v1.10.1/libs/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fal-ai/client\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/langgraph` from 1.2.9 to 1.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langgraphjs/releases\"\u003e@​langchain/langgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/langgraph\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langgraphjs/pull/2415\"\u003e#2415\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langgraphjs/commit/9d3c9dd3182059f9eca9fd9b14d8f7466b4338c4\"\u003e\u003ccode\u003e9d3c9dd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - Move \u003ccode\u003e@langchain/core\u003c/code\u003e from a runtime dependency back to a required peer dependency so installing the SDK alone no longer pulls in \u003ccode\u003e@langchain/core\u003c/code\u003e (and \u003ccode\u003ejs-tiktoken\u003c/code\u003e, etc.). Consumers that use streaming or message coercion must install \u003ccode\u003e@langchain/core\u003c/code\u003e explicitly or via \u003ccode\u003e@langchain/lan...\n\n_Description has been truncated_","html_url":"https://github.com/SiraGPT-ORg/siraGPT/pull/80","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiraGPT-ORg%2FsiraGPT/issues/80","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/80/packages"},{"uuid":"4506579131","node_id":"PR_kwDOQR8Hk87eivWN","number":79,"state":"open","title":"chore(deps)(deps): bump the backend-minor-patch group across 1 directory with 33 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T02:39:53.000Z","updated_at":"2026-05-23T02:39:54.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"backend-minor-patch","update_count":33,"packages":[{"name":"@ai-sdk/langchain","old_version":"2.0.174","new_version":"2.0.197","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"3.0.53","new_version":"3.0.65","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/react","old_version":"3.0.170","new_version":"3.0.193","repository_url":"https://github.com/vercel/ai"},{"name":"@anthropic-ai/sdk","old_version":"0.92.0","new_version":"0.98.0","repository_url":"https://github.com/anthropics/anthropic-sdk-typescript"},{"name":"@aws-sdk/client-s3","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@elevenlabs/elevenlabs-js","old_version":"2.25.1","new_version":"2.49.1","repository_url":"https://github.com/elevenlabs/elevenlabs-js"},{"name":"@fal-ai/client","old_version":"1.7.0","new_version":"1.10.1","repository_url":"https://github.com/fal-ai/fal-js"},{"name":"@langchain/langgraph","old_version":"1.2.9","new_version":"1.3.2","repository_url":"https://github.com/langchain-ai/langgraphjs"},{"name":"@langchain/openai","old_version":"1.4.4","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@opentelemetry/auto-instrumentations-node","old_version":"0.74.0","new_version":"0.76.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js-contrib"},{"name":"@opentelemetry/exporter-trace-otlp-http","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/sdk-node","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@sentry/node","old_version":"10.51.0","new_version":"10.53.1","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"ai","old_version":"6.0.168","new_version":"6.0.191","repository_url":"https://github.com/vercel/ai"},{"name":"bcryptjs","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/dcodeIO/bcrypt.js"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.77.1","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"cors","old_version":"2.8.5","new_version":"2.8.6","repository_url":"https://github.com/expressjs/cors"},{"name":"docx","old_version":"9.5.1","new_version":"9.6.1","repository_url":"https://github.com/dolanmiu/docx"},{"name":"docxtemplater","old_version":"3.67.1","new_version":"3.68.7","repository_url":"https://github.com/open-xml-templating/docxtemplater"},{"name":"express-session","old_version":"1.18.2","new_version":"1.19.0","repository_url":"https://github.com/expressjs/session"},{"name":"express-validator","old_version":"7.3.0","new_version":"7.3.2","repository_url":"https://github.com/express-validator/express-validator"},{"name":"fast-xml-parser","old_version":"5.7.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"google-auth-library","old_version":"10.5.0","new_version":"10.6.2","repository_url":"https://github.com/googleapis/google-cloud-node-core"},{"name":"jsonwebtoken","old_version":"9.0.2","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"langchain","old_version":"1.3.4","new_version":"1.4.2","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langsmith","old_version":"0.5.25","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"pdfkit","old_version":"0.17.2","new_version":"0.18.0","repository_url":"https://github.com/foliojs/pdfkit"},{"name":"playwright","old_version":"1.56.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"sharp","old_version":"0.34.4","new_version":"0.34.5","repository_url":"https://github.com/lovell/sharp"},{"name":"user-agents","old_version":"2.1.42","new_version":"2.1.68","repository_url":"https://github.com/intoli/user-agents"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"nodemon","old_version":"3.1.10","new_version":"3.1.14","repository_url":"https://github.com/remy/nodemon"}],"path":null,"ecosystem":"npm"},"body":"Bumps the backend-minor-patch group with 33 updates in the /backend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@ai-sdk/langchain](https://github.com/vercel/ai/tree/HEAD/packages/langchain) | `2.0.174` | `2.0.197` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.53` | `3.0.65` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.170` | `3.0.193` |\n| [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.92.0` | `0.98.0` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1050.0` | `3.1053.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1050.0` | `3.1053.0` |\n| [@elevenlabs/elevenlabs-js](https://github.com/elevenlabs/elevenlabs-js) | `2.25.1` | `2.49.1` |\n| [@fal-ai/client](https://github.com/fal-ai/fal-js/tree/HEAD/libs/client) | `1.7.0` | `1.10.1` |\n| [@langchain/langgraph](https://github.com/langchain-ai/langgraphjs/tree/HEAD/libs/langgraph-core) | `1.2.9` | `1.3.2` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.4.4` | `1.4.7` |\n| [@opentelemetry/auto-instrumentations-node](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/auto-instrumentations-node) | `0.74.0` | `0.76.0` |\n| [@opentelemetry/exporter-trace-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.51.0` | `10.53.1` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.168` | `6.0.191` |\n| [bcryptjs](https://github.com/dcodeIO/bcrypt.js) | `3.0.2` | `3.0.3` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.77.1` |\n| [cors](https://github.com/expressjs/cors) | `2.8.5` | `2.8.6` |\n| [docx](https://github.com/dolanmiu/docx) | `9.5.1` | `9.6.1` |\n| [docxtemplater](https://github.com/open-xml-templating/docxtemplater) | `3.67.1` | `3.68.7` |\n| [express-session](https://github.com/expressjs/session) | `1.18.2` | `1.19.0` |\n| [express-validator](https://github.com/express-validator/express-validator) | `7.3.0` | `7.3.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.7.3` | `5.8.0` |\n| [google-auth-library](https://github.com/googleapis/google-cloud-node-core/tree/HEAD/packages/google-auth-library-nodejs) | `10.5.0` | `10.6.2` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `9.0.2` | `9.0.3` |\n| [langchain](https://github.com/langchain-ai/langchainjs) | `1.3.4` | `1.4.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.5.25` | `0.7.2` |\n| [pdfkit](https://github.com/foliojs/pdfkit) | `0.17.2` | `0.18.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.56.1` | `1.60.0` |\n| [sharp](https://github.com/lovell/sharp) | `0.34.4` | `0.34.5` |\n| [user-agents](https://github.com/intoli/user-agents) | `2.1.42` | `2.1.68` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n| [nodemon](https://github.com/remy/nodemon) | `3.1.10` | `3.1.14` |\n\n\nUpdates `@ai-sdk/langchain` from 2.0.174 to 2.0.197\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/langchain's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/langchain@2.0.197/packages/langchain/CHANGELOG.md\"\u003e@​ai-sdk/langchain's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/langchain@2.0.197/packages/langchain\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/openai` from 3.0.53 to 3.0.65\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md\"\u003e@​ai-sdk/openai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.64\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.63\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [f591416]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.27\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.62\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e65edcca: feat: add allowedTools provider option for OpenAI Responses\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.61\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb93f9b4: feat(provider/openai): forward imageDetail providerOptions on tool-result image content\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.60\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e6dcd8e6: feat(openai): add GPT-5.5 chat model IDs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.59\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.58\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2370948: feat(openai): preserve \u003ccode\u003enamespace\u003c/code\u003e on function_call output items\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.57\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/eb523789b342aa21742c0a06f531604782820aff\"\u003e\u003ccode\u003eeb52378\u003c/code\u003e\u003c/a\u003e Backport: fix(openai): skip passing reasoning items when using previous respo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b7ed8bdac18d2e71b4c392f08c8d8f03204ca8f4\"\u003e\u003ccode\u003eb7ed8bd\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add opt-in pass-through for unsupported file media ty...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e3ccdb5987c07459ffd9be56088c5ac9d142fba2\"\u003e\u003ccode\u003ee3ccdb5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15094\"\u003e#15094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bf9de314a7e747019d73dedad7c840da25cc94d5\"\u003e\u003ccode\u003ebf9de31\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15046\"\u003e#15046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/65edcca7edb360ea6c3fa703ff5662c893e9ec0b\"\u003e\u003ccode\u003e65edcca\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add allowedTools provider option for Responses (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15044\"\u003e#15044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/ee37690cc8bcf97710ba391dde4fdfca3c1e1405\"\u003e\u003ccode\u003eee37690\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15020\"\u003e#15020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b93f9b4f806c59fce982c42d4dfa7d19f4a1f928\"\u003e\u003ccode\u003eb93f9b4\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): forward imageDetail providerOptions on tool-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c7061114178e8bf86cc9ac604ebbbe0e7866c7eb\"\u003e\u003ccode\u003ec706111\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/14971\"\u003e#14971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 3.0.170 to 3.0.193\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.193/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.189\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.188\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.193/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@anthropic-ai/sdk` from 0.92.0 to 0.98.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/releases\"\u003e@​anthropic-ai/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esdk: v0.98.0\u003c/h2\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.1\u003c/h2\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.0\u003c/h2\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.96.0\u003c/h2\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/sdk's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/32ce8c0d08074532deb3a3be9dc128cd7924092e\"\u003e\u003ccode\u003e32ce8c0\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1873a96304c3212b54de9f7b0db9a1df18583b1c\"\u003e\u003ccode\u003e1873a96\u003c/code\u003e\u003c/a\u003e feat(api): Add support for thinking-token-count beta for estimated tokens in ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/ac9ece3c566b4488dcf73849c17b656ec2d7d17d\"\u003e\u003ccode\u003eac9ece3\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1987147935325ea6b1e0f96cea6851c9d407e6c2\"\u003e\u003ccode\u003e1987147\u003c/code\u003e\u003c/a\u003e fix(runner): skip tool calls SessionToolRunner does not own\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/409ff0e5027422a5ede84280cb851c1de108c246\"\u003e\u003ccode\u003e409ff0e\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/1052\"\u003e#1052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/a53f60d59ca904f3e79296586642aac3ce68ae02\"\u003e\u003ccode\u003ea53f60d\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/d1b8d04617c5167f1296520b4c9b1156d0482159\"\u003e\u003ccode\u003ed1b8d04\u003c/code\u003e\u003c/a\u003e feat(api): Add support for cache diagnostics beta\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/8e43bf81bc7029411e5a3b81b485d8dda364b376\"\u003e\u003ccode\u003e8e43bf8\u003c/code\u003e\u003c/a\u003e chore(api): spec updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/697e4d592bb3a1258788bd3064ac4dc35671e896\"\u003e\u003ccode\u003e697e4d5\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cd5801cbf6cc4db5f6eee155643294feda0ba588\"\u003e\u003ccode\u003ecd5801c\u003c/code\u003e\u003c/a\u003e feat(api): Add BetaManagedAgentsSearchResultBlock types\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.92.0...sdk-v0.98.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/s3-request-presigner` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/s3-request-presigner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md\"\u003e@​aws-sdk/s3-request-presigner's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/packages/s3-request-presigner\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elevenlabs/elevenlabs-js` from 2.25.1 to 2.49.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/releases\"\u003e@​elevenlabs/elevenlabs-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.49.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Speech Engine] Add full response to Speech Engine API calls by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/396\"\u003eelevenlabs/elevenlabs-js#396\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.49.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new environment for publish action by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/385\"\u003eelevenlabs/elevenlabs-js#385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ws from 8.18.3 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/388\"\u003eelevenlabs/elevenlabs-js#388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/389\"\u003eelevenlabs/elevenlabs-js#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/390\"\u003eelevenlabs/elevenlabs-js#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/391\"\u003eelevenlabs/elevenlabs-js#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSDK regeneration by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/393\"\u003eelevenlabs/elevenlabs-js#393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.48.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd environment configuration to conversation initiation data and events by \u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 18, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/384\"\u003eelevenlabs/elevenlabs-js#384\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.47.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 12, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/381\"\u003eelevenlabs/elevenlabs-js#381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpeech Engine SDK by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/365\"\u003eelevenlabs/elevenlabs-js#365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.46.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 7, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/380\"\u003eelevenlabs/elevenlabs-js#380\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.45.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd keyterms and noVerbatim to Scribe realtime API by \u003ca href=\"https://github.com/kraenhansen\"\u003e\u003ccode\u003e@​kraenhansen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/376\"\u003eelevenlabs/elevenlabs-js#376\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/de61f83d12c24caaeddbe5127e980d623a146219\"\u003e\u003ccode\u003ede61f83\u003c/code\u003e\u003c/a\u003e [Speech Engine] Add full response to Speech Engine API calls (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/396\"\u003e#396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/ce5e816b02d6ee652e144660cde533225a31d56f\"\u003e\u003ccode\u003ece5e816\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/393\"\u003e#393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/c316672d7fc9d3bf902b633226969929adad0dca\"\u003e\u003ccode\u003ec316672\u003c/code\u003e\u003c/a\u003e Bump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/391\"\u003e#391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/90a0b2f7bafec7c4092517cb5baf1a13a202ab0a\"\u003e\u003ccode\u003e90a0b2f\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/390\"\u003e#390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d94bcf977baf7b09d1cc0fb3370d12b2f24b4ecd\"\u003e\u003ccode\u003ed94bcf9\u003c/code\u003e\u003c/a\u003e Bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/4ead10594456ef36f6488006c8fde76d3b027c70\"\u003e\u003ccode\u003e4ead105\u003c/code\u003e\u003c/a\u003e Bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/388\"\u003e#388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d76478e7a1691c17dee4ada1383afc87a1b7a38a\"\u003e\u003ccode\u003ed76478e\u003c/code\u003e\u003c/a\u003e Bump ws from 8.18.3 to 8.20.1 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/387\"\u003e#387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/6c791ba134eb9231187faecf04b038121150c697\"\u003e\u003ccode\u003e6c791ba\u003c/code\u003e\u003c/a\u003e Add new environment for publish action (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/385\"\u003e#385\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/f1b560be66c2c5311362ee7a01a8de009e92ccb7\"\u003e\u003ccode\u003ef1b560b\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/384\"\u003e#384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/082f76b59c4a365e967210f2b89ebafba99c90b1\"\u003e\u003ccode\u003e082f76b\u003c/code\u003e\u003c/a\u003e Add environment configuration to conversation initiation data and events (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.25.1...v2.49.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fal-ai/client` from 1.7.0 to 1.10.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fal-ai/fal-js/releases\"\u003e@​fal-ai/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eclient-v1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(client): retry Node-level transport errors in subscribe/dispatch by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/211\"\u003efal-ai/fal-js#211\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(client): allow proxy middleware in non-browser runtimes by \u003ca href=\"https://github.com/drochetti\"\u003e\u003ccode\u003e@​drochetti\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/209\"\u003efal-ai/fal-js#209\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecleanup realtime state machine and support live references by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/202\"\u003efal-ai/fal-js#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: supply chain security, enforce minimum age for node dependencies by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update endpoint types by \u003ca href=\"https://github.com/aykutkardas\"\u003e\u003ccode\u003e@​aykutkardas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/192\"\u003efal-ai/fal-js#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(client): expose lifecycle ACL options in storage settings by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/208\"\u003efal-ai/fal-js#208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: pin GitHub Actions to full commit SHAs by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/207\"\u003efal-ai/fal-js#207\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(realtime): refresh tokens in background without dropping the WebSocket connection by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/200\"\u003efal-ai/fal-js#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/442a7571dfa5ea5cf9d2a1192113f207f9bd718c\"\u003e\u003ccode\u003e442a757\u003c/code\u003e\u003c/a\u003e fix(client): retry Node-level transport errors in subscribe/dispatch (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/211\"\u003e#211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f12065b6204df92b5b46db11860a7dd3753bd879\"\u003e\u003ccode\u003ef12065b\u003c/code\u003e\u003c/a\u003e feat(client): allow proxy middleware in non-browser runtimes (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/209\"\u003e#209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f22b69ec10646df097d5f7c89ae2d7372c0518ed\"\u003e\u003ccode\u003ef22b69e\u003c/code\u003e\u003c/a\u003e chore(client): release 1.9.6 and update reference docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/153ed5697302866752d20c205a85030d929ed48c\"\u003e\u003ccode\u003e153ed56\u003c/code\u003e\u003c/a\u003e feat(client): expose lifecycle ACL options in storage settings (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/208\"\u003e#208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/9830f25d025218a0d5eb684ab5193cad58d95955\"\u003e\u003ccode\u003e9830f25\u003c/code\u003e\u003c/a\u003e chore: update endpoint types (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/192\"\u003e#192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/05d73020ecb04dfc23b6a630794f679e4d43ea86\"\u003e\u003ccode\u003e05d7302\u003c/code\u003e\u003c/a\u003e cleanup realtime state machine and support live references (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/5a97ffa4d4c769501f2bec5f504c6d117d52ad39\"\u003e\u003ccode\u003e5a97ffa\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background and clear on disconnect (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/b8029266fa1db9e1d9d9bdcddbe57deb21bc89e4\"\u003e\u003ccode\u003eb802926\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background without dropping the WebSocket co...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/ea9fc05f35a6919a6a450a9d86f18a3336d73ee0\"\u003e\u003ccode\u003eea9fc05\u003c/code\u003e\u003c/a\u003e fix: use rest.fal.ai (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/6603299cd3f1424b4cfd7bcc6725fe7dae9b80c9\"\u003e\u003ccode\u003e6603299\u003c/code\u003e\u003c/a\u003e feat(client): pass normalized app+path to TokenProvider (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fal-ai/fal-js/commits/client-v1.10.1/libs/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fal-ai/client\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/langgraph` from 1.2.9 to 1.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langgraphjs/releases\"\u003e@​langchain/langgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/langgraph\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langgraphjs/pull/2415\"\u003e#2415\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langgraphjs/commit/9d3c9dd3182059f9eca9fd9b14d8f7466b4338c4\"\u003e\u003ccode\u003e9d3c9dd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - Move \u003ccode\u003e@langchain/core\u003c/code\u003e from a runtime dependency back to a required peer dependency so installing the SDK alone no longer pulls in \u003ccode\u003e@langchain/core\u003c/code\u003e (and \u003ccode\u003ejs-tiktoken\u003c/code\u003e, etc.). Consumers that use streaming or message coercion must install \u003ccode\u003e@langchain/core\u003c/code\u003e explicitly or via \u003ccode\u003e@langchain/langgraph\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/lang...\n\n_Description has been truncated_","html_url":"https://github.com/SiraGPT-ORg/siraGPT/pull/79","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiraGPT-ORg%2FsiraGPT/issues/79","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/79/packages"},{"uuid":"4483327331","node_id":"PR_kwDOOd8CGM7dXcQE","number":5,"state":"closed","title":"build(deps): bump the npm_and_yarn group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-24T07:12:44.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-20T05:07:17.000Z","updated_at":"2026-05-24T07:12:46.000Z","time_to_close":353127,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":15,"packages":[{"name":"langsmith","old_version":"0.3.15","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@langchain/core","old_version":"0.3.40","new_version":"0.3.80","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"axios","old_version":"1.7.9","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"flatted","old_version":"3.3.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.2","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.2","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"rollup","old_version":"4.34.7","new_version":"4.60.4","repository_url":"https://github.com/rollup/rollup"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.15","repository_url":"https://github.com/isaacs/node-tar"},{"name":"vite","old_version":"6.1.0","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 14 updates in the /js directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.15` | `0.6.0` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [@langchain/core](https://github.com/langchain-ai/langchainjs) | `0.3.40` | `0.3.80` |\n| [axios](https://github.com/axios/axios) | `1.7.9` | `1.16.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.2` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.2` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `9.0.9` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.2` | `8.5.15` |\n| [rollup](https://github.com/rollup/rollup) | `4.34.7` | `4.60.4` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.15` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.1.0` | `6.4.2` |\n\n\nUpdates `langsmith` from 0.3.15 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced async iterators call finally on success by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2230\"\u003elangchain-ai/langsmith-sdk#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.4.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2231\"\u003elangchain-ai/langsmith-sdk#2231\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/71b71893b45953b9f339bc62a8037469da4fc914\"\u003e\u003ccode\u003e71b7189\u003c/code\u003e\u003c/a\u003e feat(python): Bump pydantic to v2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1482c9c3f689680e448da66e75c377a8f5bb00ae\"\u003e\u003ccode\u003e1482c9c\u003c/code\u003e\u003c/a\u003e feat: add prompt cache back and setup environment tests (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3ebe56bd56c16616945e7bf9d6860c2c42f1a782\"\u003e\u003ccode\u003e3ebe56b\u003c/code\u003e\u003c/a\u003e release(js): bump to 0.4.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2259\"\u003e#2259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8b87f144ef5d2c6a5b3e9bf3f86ba49ca571f198\"\u003e\u003ccode\u003e8b87f14\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/43335d5ac9eda253671b0300e38b248e35882f30\"\u003e\u003ccode\u003e43335d5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: add js prompt caching\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ae71b5e7cdc44a8868b8d4de8696bd6b3c70f1ac\"\u003e\u003ccode\u003eae71b5e\u003c/code\u003e\u003c/a\u003e chore(js): bump JS to 0.4.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2253\"\u003e#2253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/9fd842cf020d4825a34ce4bf6aa7d678e6813e34\"\u003e\u003ccode\u003e9fd842c\u003c/code\u003e\u003c/a\u003e bump(python): 0.5.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2256\"\u003e#2256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8fd1283fcf7d0f284f36287ac9975b2ca8661f9a\"\u003e\u003ccode\u003e8fd1283\u003c/code\u003e\u003c/a\u003e fix(claude): correctly parse llm and tool inputs in claude agent sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/2903578ef415dd785b95dc9cce95c1ba2f8f4f23\"\u003e\u003ccode\u003e2903578\u003c/code\u003e\u003c/a\u003e feat: add js prompt caching (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2251\"\u003e#2251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3f1d68058251de9e4204c7b9d5c65729dce401eb\"\u003e\u003ccode\u003e3f1d680\u003c/code\u003e\u003c/a\u003e feat: add prompt caching to python sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2246\"\u003e#2246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.3.15...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/core` from 0.3.40 to 0.3.80\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2954498b052b3ebc30b8ff37a11db1953f4ae0f0\"\u003e\u003ccode\u003e2954498\u003c/code\u003e\u003c/a\u003e chore(docs): Update llms.text redirect (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/9988\"\u003e#9988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b2f3c2354edc8e9a0386f475839b0e40a21c3cc9\"\u003e\u003ccode\u003eb2f3c23\u003c/code\u003e\u003c/a\u003e fix(docs): v0.3 redirects fix (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/9929\"\u003e#9929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/e8fbaf3131a8f5715516e50b92490941c7554abb\"\u003e\u003ccode\u003ee8fbaf3\u003c/code\u003e\u003c/a\u003e add core docs redir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/22c28eff1297cfbd1a8189bea9cdf9ad276777a5\"\u003e\u003ccode\u003e22c28ef\u003c/code\u003e\u003c/a\u003e fix(docs): Fix redirects (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/9908\"\u003e#9908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/926dc85e9c9b020a80985c38fdee026d6a2b8bde\"\u003e\u003ccode\u003e926dc85\u003c/code\u003e\u003c/a\u003e x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/dbf05fdc6577bb1e7e1b42d7b9fc293465021140\"\u003e\u003ccode\u003edbf05fd\u003c/code\u003e\u003c/a\u003e fix - sry for spam\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/6854916777fb83547fdfa734e502e379df05fcb5\"\u003e\u003ccode\u003e6854916\u003c/code\u003e\u003c/a\u003e fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/c869f64450dfc7fd1d883416d919533d1276eb6a\"\u003e\u003ccode\u003ec869f64\u003c/code\u003e\u003c/a\u003e add index\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b29d1940d00a5debb59660812637953ffe97fb12\"\u003e\u003ccode\u003eb29d194\u003c/code\u003e\u003c/a\u003e fix output dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3605e971bcee5288cf02316311727aae0985d718\"\u003e\u003ccode\u003e3605e97\u003c/code\u003e\u003c/a\u003e null framework\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/community==0.3.40...@langchain/core==0.3.80\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~hntrl\"\u003ehntrl\u003c/a\u003e, a new releaser for \u003ccode\u003e@​langchain/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.7.9 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.9...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.2 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.2...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.9 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.9...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.2 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://g...\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/openevals/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fopenevals/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4481023404","node_id":"PR_kwDOPbw1mM7dQJVl","number":86,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-06-06T21:55:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T21:02:30.000Z","updated_at":"2026-06-06T21:55:49.000Z","time_to_close":1558398,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":15,"packages":[{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"hono","old_version":"4.9.1","new_version":"4.12.18","repository_url":"https://github.com/honojs/hono"},{"name":"next","old_version":"16.0.7","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"nuxt","old_version":"4.1.3","new_version":"4.4.6","repository_url":"https://github.com/nuxt/nuxt"},{"name":"axios","old_version":"1.11.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"5.0.6","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"dompurify","old_version":"3.3.0","new_version":"3.4.5","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"fast-uri","old_version":"2.4.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"langsmith","old_version":"0.3.58","new_version":"0.7.1","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [hono](https://github.com/honojs/hono) | `4.9.1` | `4.12.18` |\n| [next](https://github.com/vercel/next.js) | `16.0.7` | `16.2.6` |\n| [nuxt](https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt) | `4.1.3` | `4.4.6` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.15.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `5.0.6` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.0` | `3.4.5` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `2.4.0` | `3.1.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.58` | `0.7.1` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.6.0` |\n\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.9.1 to 4.12.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.18\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eCache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage\u003c/h3\u003e\n\u003cp\u003eAffects: Cache Middleware. Fixes missing cache-skip handling for \u003ccode\u003eVary: Authorization\u003c/code\u003e and \u003ccode\u003eVary: Cookie\u003c/code\u003e, where a response cached for one authenticated user could be served to other users. GHSA-p77w-8qqv-26rm\u003c/p\u003e\n\u003ch3\u003eCSS Declaration Injection via Style Object Values in JSX SSR\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes a missing CSS-context escape for \u003ccode\u003estyle\u003c/code\u003e object values and property names, where untrusted input could inject additional CSS declarations. The impact is limited to CSS and does not allow JavaScript execution. GHSA-qp7p-654g-cw7p\u003c/p\u003e\n\u003ch3\u003eImproper validation of NumericDate claims (exp, nbf, iat) in JWT verify()\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/utils/jwt\u003c/code\u003e. Fixes improper validation of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003enbf\u003c/code\u003e, and \u003ccode\u003eiat\u003c/code\u003e claims, where falsy, non-finite, or non-numeric values could silently bypass time-based checks instead of being rejected per RFC 7519. GHSA-hm8q-7f3q-5f36\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use the JWT helper, hono/jsx, or the Cache middleware are strongly encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.17\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jsx): normalize SVG attributes on the \u003c!-- raw HTML omitted --\u003e root element by \u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e by \u003ca href=\"https://github.com/yuintei\"\u003e\u003ccode\u003e@​yuintei\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4899\"\u003ehonojs/hono#4899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cors): make origin optional in CORSOptions by \u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(types): propagate middleware response types to app.on overloads by \u003ca href=\"https://github.com/T4ko0522\"\u003e\u003ccode\u003e@​T4ko0522\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4906\"\u003ehonojs/hono#4906\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.16...v4.12.17\"\u003ehttps://github.com/honojs/hono/compare/v4.12.16...v4.12.17\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.16\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eUnvalidated JSX Tag Names in hono/jsx May Allow HTML Injection\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes missing validation of JSX tag names when using \u003ccode\u003ejsx()\u003c/code\u003e or \u003ccode\u003ecreateElement()\u003c/code\u003e, which could allow HTML injection if untrusted input is used as the tag name. GHSA-69xw-7hcm-h432\u003c/p\u003e\n\u003ch3\u003ebodyLimit() can be bypassed for chunked / unknown-length requests\u003c/h3\u003e\n\u003cp\u003eAffects: Body Limit Middleware. Fixes late enforcement for request bodies without a reliable Content-Length (e.g. chunked requests), where oversized requests could reach handlers and return successful responses before being rejected. GHSA-9vqf-7f2p-gf9v\u003c/p\u003e\n\u003ch2\u003ev4.12.15\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jwt): support single-line PEM keys by \u003ca href=\"https://github.com/hiendv\"\u003e\u003ccode\u003e@​hiendv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4889\"\u003ehonojs/hono#4889\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f10dee89ced5956b73c1cdc416d6bc0fd54d63b7\"\u003e\u003ccode\u003ef10dee8\u003c/code\u003e\u003c/a\u003e 4.12.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a5bd9ebead279ed9d0239ecbd854f629edfc0e57\"\u003e\u003ccode\u003ea5bd9eb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/58d3d3ad5656e007ed99da1b73865975952de5e9\"\u003e\u003ccode\u003e58d3d3a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/568c2ecc1dd556894fad4dfa4a7ba499db6dba9c\"\u003e\u003ccode\u003e568c2ec\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/ff2b3d31df1be35f7d597a95dd3369402b6e87f2\"\u003e\u003ccode\u003eff2b3d3\u003c/code\u003e\u003c/a\u003e 4.12.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/52aaaf9714b06303ce5caa655b1d80675be687e9\"\u003e\u003ccode\u003e52aaaf9\u003c/code\u003e\u003c/a\u003e fix(types): propagate middleware response types to app.on overloads (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4906\"\u003e#4906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/76d5589e9b0569f4e74ec37e8dd6979455f70dfa\"\u003e\u003ccode\u003e76d5589\u003c/code\u003e\u003c/a\u003e fix(cors): make origin optional in CORSOptions (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4905\"\u003e#4905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/8f027e5574e91e3c7f263a728656e3888559e51a\"\u003e\u003ccode\u003e8f027e5\u003c/code\u003e\u003c/a\u003e fix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4899\"\u003e#4899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/bfba97ca7ea3d4541a3419f1749e5a1a3e8f1727\"\u003e\u003ccode\u003ebfba97c\u003c/code\u003e\u003c/a\u003e fix(jsx): normalize SVG attributes on the \u0026lt;svg\u0026gt; root element (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4893\"\u003e#4893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/90d4182aabd328e2ec6af3f25ec62ddc574ad8cb\"\u003e\u003ccode\u003e90d4182\u003c/code\u003e\u003c/a\u003e 4.12.16\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.9.1...v4.12.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.0.7 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.0.7...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nuxt` from 4.1.3 to 4.4.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nuxt/nuxt/releases\"\u003enuxt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e4.4.6 is the next patch release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003e👉 Changelog\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nuxt/nuxt/compare/v4.4.5...v4.4.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Use spa entry for vite-node fallback (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35037\"\u003e#35037\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Invalidate SSR module cache when modules are invalidated via plugin hooks (\u003ca href=\"https://github.com/nuxt/nuxt/commit/a86657a0e\"\u003ea86657a0e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Match deduplicated \u003ccode\u003eresolveComponent\u003c/code\u003e calls in jsx blocks (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35028\"\u003e#35028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Prefer our own builder/server deps (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35029\"\u003e#35029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Update \u003ccode\u003euseFetch\u003c/code\u003e key even with \u003ccode\u003ewatch: false\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35002\"\u003e#35002\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Mark \u003ccode\u003e@babel/plugin-syntax-typescript\u003c/code\u003e as optional peer dep (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35041\"\u003e#35041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Add json extension to payload cache items (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35043\"\u003e#35043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Handle errors fetching app manifest (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35050\"\u003e#35050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Encode html-significant characters in external redirect body (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35052\"\u003e#35052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Preserve \u003ccode\u003esetPageLayout\u003c/code\u003e props on same-path navigation (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35055\"\u003e#35055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Don't strip buildAssetsDir from vite-node SSR ids (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35040\"\u003e#35040\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Mark \u003ccode\u003euseLoadingIndicator\u003c/code\u003e properties as readonly (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Strip queries in css inline styles map (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35067\"\u003e#35067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Validate island request hash matches props (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35077\"\u003e#35077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Use regexp to strip query (\u003ca href=\"https://github.com/nuxt/nuxt/commit/163e18d4b\"\u003e163e18d4b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Use \u003ccode\u003estatusCode\u003c/code\u003e for nitro v2 compatibility (\u003ca href=\"https://github.com/nuxt/nuxt/commit/952f6841e\"\u003e952f6841e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro-server:\u003c/strong\u003e Re-export h3 named symbols statically (\u003ca href=\"https://github.com/nuxt/nuxt/commit/cd99001c8\"\u003ecd99001c8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Render component-less parent routes during client-side nav (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35036\"\u003e#35036\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ekit:\u003c/strong\u003e Respect \u003ccode\u003etsConfig.exclude\u003c/code\u003e in legacy \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35079\"\u003e#35079\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Run middleware for page islands (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35092\"\u003e#35092\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e💅 Refactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erspack,webpack:\u003c/strong\u003e Extract same-origin check for dev middleware (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35051\"\u003e#35051\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📖 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove CSB, set node 22 and use steps for clarity (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35066\"\u003e#35066\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🏡 Chore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOne more type, one more (\u003ca href=\"https://github.com/nuxt/nuxt/commit/50dcf15bb\"\u003e50dcf15bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unneeded (?) overrides (\u003ca href=\"https://github.com/nuxt/nuxt/commit/6997093af\"\u003e6997093af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse explicit versions for fixture dependencies (\u003ca href=\"https://github.com/nuxt/nuxt/commit/294a734d4\"\u003e294a734d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore link-like syntax in code (\u003ca href=\"https://github.com/nuxt/nuxt/commit/2584a549c\"\u003e2584a549c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow engines.node in test (\u003ca href=\"https://github.com/nuxt/nuxt/commit/5bb17fb47\"\u003e5bb17fb47\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unused import (\u003ca href=\"https://github.com/nuxt/nuxt/commit/a52d78626\"\u003ea52d78626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelax relative time assertion (\u003ca href=\"https://github.com/nuxt/nuxt/commit/c3dcd16f9\"\u003ec3dcd16f9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type (\u003ca href=\"https://github.com/nuxt/nuxt/commit/732d844ad\"\u003e732d844ad\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop h3 v2 types (\u003ca href=\"https://github.com/nuxt/nuxt/commit/8286e5fcd\"\u003e8286e5fcd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🤖 CI\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClean up agent-scan workflow (\u003ca href=\"https://github.com/nuxt/nuxt/commit/ab8317547\"\u003eab8317547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eContinue autofix workflow when \u003ccode\u003etest:engines\u003c/code\u003e fails (\u003ca href=\"https://github.com/nuxt/nuxt/commit/3025e561e\"\u003e3025e561e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove workflows (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35088\"\u003e#35088\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDaniel Roe (\u003ca href=\"https://github.com/danielroe\"\u003e\u003ccode\u003e@​danielroe\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/30a45f7bb206a8373b9183e60eb344891a6f5bb8\"\u003e\u003ccode\u003e30a45f7\u003c/code\u003e\u003c/a\u003e v4.4.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/e881fe84e80d6afa7c55f3f985c996e0d4611220\"\u003e\u003ccode\u003ee881fe8\u003c/code\u003e\u003c/a\u003e fix(nuxt): run middleware for page islands (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35092\"\u003e#35092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/3310097260377d77fbdc46dc54ff97b0d60ca900\"\u003e\u003ccode\u003e3310097\u003c/code\u003e\u003c/a\u003e fix(nuxt): render component-less parent routes during client-side nav (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35036\"\u003e#35036\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/b29f805a23821a139bf826b4c3094accf551dfd6\"\u003e\u003ccode\u003eb29f805\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (4.x) (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35075\"\u003e#35075\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/e9cddf4c7981cf20bbf6f93a99a6b317a8a94884\"\u003e\u003ccode\u003ee9cddf4\u003c/code\u003e\u003c/a\u003e fix(nitro): validate island request hash matches props (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35077\"\u003e#35077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/749972167f68d488df84fc644f06cb6900b1cdab\"\u003e\u003ccode\u003e7499721\u003c/code\u003e\u003c/a\u003e fix(nuxt): mark \u003ccode\u003euseLoadingIndicator\u003c/code\u003e properties as readonly (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/38507a8c1da20183074a2f54bc6ad3308b00aa8c\"\u003e\u003ccode\u003e38507a8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency cssnano to v8 (4.x) (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35038\"\u003e#35038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/5abe6d32d114f647461fd14552c2a49d25c1996a\"\u003e\u003ccode\u003e5abe6d3\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (4.x) (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35046\"\u003e#35046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/4bdd9dd4a1ca999ba4bf16e6e8fc052a3d8d4441\"\u003e\u003ccode\u003e4bdd9dd\u003c/code\u003e\u003c/a\u003e fix(nuxt): preserve \u003ccode\u003esetPageLayout\u003c/code\u003e props on same-path navigation (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35055\"\u003e#35055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/1ca9c4494e7c8b32a79aa2f4031554f932114516\"\u003e\u003ccode\u003e1ca9c44\u003c/code\u003e\u003c/a\u003e fix(nuxt): encode html-significant characters in external redirect body (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35052\"\u003e#35052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nuxt/nuxt/commits/v4.4.6/packages/nuxt\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.11.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 5.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efmt  5a5cc17\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  0b6a978\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v4.0.0...v4.0.1\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v4.0.0...v4.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use string replaces instead of splits (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/64\"\u003e#64\u003c/a\u003e)  278132b\u003c/li\u003e\n\u003cli\u003efmt  dd72a59\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003etea.yaml\u003c/code\u003e  70e4c1b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v3.0.0...v4.0.0\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v3.0.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAs a precaution to not risk breaking anything with 278132b, this is a new semver major release\u003c/p\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 3.x  3059c07\u003c/li\u003e\n\u003cli\u003efmt  8229e6f\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  15f9b3c\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v3.0.0...v3.0.1\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v3.0.0...v3.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to ES Modules and balanced-match 3.0.0 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/62\"\u003e#62\u003c/a\u003e)  c0360e8\u003c/li\u003e\n\u003cli\u003eadded jsdoc (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/55\"\u003e#55\u003c/a\u003e)  68c0e37\u003c/li\u003e\n\u003cli\u003enode 16 is EOL  9e781e9\u003c/li\u003e\n\u003cli\u003eadd standard  3494c4d\u003c/li\u003e\n\u003cli\u003euse const and let (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/57\"\u003e#57\u003c/a\u003e)  dd5a4cb\u003c/li\u003e\n\u003cli\u003edocs  6dad209\u003c/li\u003e\n\u003cli\u003eremove \u003ccode\u003etest\u003c/code\u003e  e3dd8ae\u003c/li\u003e\n\u003cli\u003eci: update node versions  d23ede9\u003c/li\u003e\n\u003cli\u003edocs: add \u003ca href=\"https://github.com/lanodan\"\u003e\u003ccode\u003e@​lanodan\u003c/code\u003e\u003c/a\u003e to contributors  1eb3fa4\u003c/li\u003e\n\u003cli\u003edocs  1e7c9cd\u003c/li\u003e\n\u003cli\u003eswitch from tape to test module (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/60\"\u003e#60\u003c/a\u003e)  2520537\u003c/li\u003e\n\u003cli\u003eBump minimist from 1.2.5 to 1.2.6 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/59\"\u003e#59\u003c/a\u003e)  61a94f1\u003c/li\u003e\n\u003cli\u003eBump path-parse from 1.0.6 to 1.0.7 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/51\"\u003e#51\u003c/a\u003e)  dc741cf\u003c/li\u003e\n\u003cli\u003edocs: add back ci badge  8ee5626\u003c/li\u003e\n\u003cli\u003eAdd github actions, remove travis. Closes \u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/52\"\u003e#52\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/53\"\u003e#53\u003c/a\u003e)  5c8756a\u003c/li\u003e\n\u003cli\u003eCI: Drop unused sudo: false Travis directive (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/50\"\u003e#50\u003c/a\u003e)  05978a7\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v3.0.0\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v3.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/46317b5d8779c151d24f65c9c139cd076f91a1c3\"\u003e\u003ccode\u003e46317b5\u003c/code\u003e\u003c/a\u003e 5.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c0b095bdc52bc4c36dc88deddbadabc49f8371e5\"\u003e\u003ccode\u003ec0b095b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ec5602085a81ca7c954f6780c6a3aef0b1e200cf\"\u003e\u003ccode\u003eec56020\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/87939017c6cb6be56b98c6fa2059b073315cd534\"\u003e\u003ccode\u003e8793901\u003c/code\u003e\u003c/a\u003e 5.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/9a02af5c5c80731fae470cc3218c16876bb25051\"\u003e\u003ccode\u003e9a02af5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a\"\u003e\u003ccode\u003edaa71bc\u003c/code\u003e\u003c/a\u003e Bump tar from 7.5.10 to 7.5.11 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/799e5f7a222b0ea29052090b80fab2125a846543\"\u003e\u003ccode\u003e799e5f7\u003c/code\u003e\u003c/a\u003e Bump tar from 7.5.9 to 7.5.10 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/90\"\u003e#90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/012c230b7f71ca0c43febfa2dc3b710f63f129dd\"\u003e\u003ccode\u003e012c230\u003c/code\u003e\u003c/a\u003e 5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/243c491714270462decf1293b395e0aa6f6c15c4\"\u003e\u003ccode\u003e243c491\u003c/code\u003e\u003c/a\u003e Fix handling of brackets. Closes \u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/87\"\u003e#87\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/609f8588070198ca6ff7132d2f78bbae5c991b93\"\u003e\u003ccode\u003e609f858\u003c/code\u003e\u003c/a\u003e Correct incorrect brace-expansion import (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/89\"\u003e#89\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v5.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.3.2 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2ee...\n\n_Description has been truncated_","html_url":"https://github.com/Sherlock999xxx/voltagent/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sherlock999xxx%2Fvoltagent/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"},{"uuid":"4479740145","node_id":"PR_kwDOO6zy8c7dL6Cr","number":107,"state":"open","title":"Bump the npm_and_yarn group across 12 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":10,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T17:54:57.000Z","updated_at":"2026-05-19T19:01:07.042Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"axios","old_version":"1.15.1","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"vm2","old_version":"3.11.2","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"vm2","old_version":"3.11.2","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"protobufjs","old_version":"7.4.0","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"protobufjs","old_version":"7.4.0","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"5.0.6","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"5.0.5","repository_url":"https://github.com/juliangruber/brace-expansion"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [axios](https://github.com/axios/axios), [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [vm2](https://github.com/patriksimek/vm2).\nBumps the npm_and_yarn group with 2 updates in the /desktop directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [vm2](https://github.com/patriksimek/vm2).\nBumps the npm_and_yarn group with 1 update in the /docs/sdk/trigger-llms.md/anchor-browser-web-scraper directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/batch-llm-evaluator directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /docs/sdk/trigger-llms.md/building-effective-agents directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/changelog-generator directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/claude-agent-github-wiki directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /docs/sdk/trigger-llms.md/claude-agent-sdk-trigger directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/claude-thinking-chatbot directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/shared/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 4 updates in the /web directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk), [vm2](https://github.com/patriksimek/vm2), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html).\nBumps the npm_and_yarn group with 1 update in the /web/.bing-shared/cli directory: [axios](https://github.com/axios/axios).\n\nUpdates `axios` from 1.15.1 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vm2` from 3.11.2 to 3.11.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/releases\"\u003evm2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.11.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — Async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture (RCE)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/blob/main/docs/ATTACKS.md\"\u003e\u003ccode\u003edocs/ATTACKS.md\u003c/code\u003e\u003c/a\u003e updated through Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ehttps://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/blob/main/CHANGELOG.md\"\u003evm2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.11.3]\u003c/h2\u003e\n\u003cp\u003ePatch release — no API changes.\u003c/p\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture. Calling \u003ccode\u003ei.return(thenable)\u003c/code\u003e on an async generator delegating to a no-\u003ccode\u003ereturn\u003c/code\u003e inner iterator let V8's \u003ccode\u003ePromiseResolveThenableJob\u003c/code\u003e capture synchronous throws from the thenable's \u003ccode\u003e.then\u003c/code\u003e and surface them to sandbox code as iterator results — bypassing both the transformer's \u003ccode\u003ecatch\u003c/code\u003e instrumentation and the \u003ccode\u003eglobalPromise.prototype.then\u003c/code\u003e rejection sanitiser. Two-layer defense on \u003ccode\u003e%AsyncGeneratorPrototype%.next/.return/.throw\u003c/code\u003e in \u003ccode\u003elib/setup-sandbox.js\u003c/code\u003e: every iterator-result promise routes value and rejection through \u003ccode\u003ehandleException\u003c/code\u003e, and every thenable argument is replaced with a sandbox-realm wrapper whose \u003ccode\u003e.then\u003c/code\u003e is a fixed \u003ccode\u003esafeThen\u003c/code\u003e that sanitises sync throws and recursively re-wraps any nested thenable handed to \u003ccode\u003eresolve(...)\u003c/code\u003e. When \u003ccode\u003esafeThen\u003c/code\u003e reads \u003ccode\u003evalue.then\u003c/code\u003e and it is non-function, the wrapper always resolves with a \u003ccode\u003e{__proto__: null}\u003c/code\u003e shadow so V8's re-read of \u003ccode\u003e.then\u003c/code\u003e cannot observe attacker-controlled values — closing every counting/self-replacing-getter TOCTOU variant. Trade-off: identity is not preserved for non-thenable values passed to \u003ccode\u003ei.return(x)\u003c/code\u003e. ATTACKS.md Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/commit/093494c0c3ef2390d2e56909f9d56e290e6f18b0\"\u003e\u003ccode\u003e093494c\u003c/code\u003e\u003c/a\u003e fix(GHSA-248r-7h7q-cr24): close async generator yield*-return thenable except...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vm2` from 3.11.2 to 3.11.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/releases\"\u003evm2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.11.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — Async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture (RCE)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/blob/main/docs/ATTACKS.md\"\u003e\u003ccode\u003edocs/ATTACKS.md\u003c/code\u003e\u003c/a\u003e updated through Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ehttps://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/blob/main/CHANGELOG.md\"\u003evm2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.11.3]\u003c/h2\u003e\n\u003cp\u003ePatch release — no API changes.\u003c/p\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture. Calling \u003ccode\u003ei.return(thenable)\u003c/code\u003e on an async generator delegating to a no-\u003ccode\u003ereturn\u003c/code\u003e inner iterator let V8's \u003ccode\u003ePromiseResolveThenableJob\u003c/code\u003e capture synchronous throws from the thenable's \u003ccode\u003e.then\u003c/code\u003e and surface them to sandbox code as iterator results — bypassing both the transformer's \u003ccode\u003ecatch\u003c/code\u003e instrumentation and the \u003ccode\u003eglobalPromise.prototype.then\u003c/code\u003e rejection sanitiser. Two-layer defense on \u003ccode\u003e%AsyncGeneratorPrototype%.next/.return/.throw\u003c/code\u003e in \u003ccode\u003elib/setup-sandbox.js\u003c/code\u003e: every iterator-result promise routes value and rejection through \u003ccode\u003ehandleException\u003c/code\u003e, and every thenable argument is replaced with a sandbox-realm wrapper whose \u003ccode\u003e.then\u003c/code\u003e is a fixed \u003ccode\u003esafeThen\u003c/code\u003e that sanitises sync throws and recursively re-wraps any nested thenable handed to \u003ccode\u003eresolve(...)\u003c/code\u003e. When \u003ccode\u003esafeThen\u003c/code\u003e reads \u003ccode\u003evalue.then\u003c/code\u003e and it is non-function, the wrapper always resolves with a \u003ccode\u003e{__proto__: null}\u003c/code\u003e shadow so V8's re-read of \u003ccode\u003e.then\u003c/code\u003e cannot observe attacker-controlled values — closing every counting/self-replacing-getter TOCTOU variant. Trade-off: identity is not preserved for non-thenable values passed to \u003ccode\u003ei.return(x)\u003c/code\u003e. ATTACKS.md Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/commit/093494c0c3ef2390d2e56909f9d56e290e6f18b0\"\u003e\u003ccode\u003e093494c\u003c/code\u003e\u003c/a\u003e fix(GHSA-248r-7h7q-cr24): close async generator yield*-return thenable except...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.4.0 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.4.0 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 5.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate dependencies across 12 directories to apply security fixes and minor improvements. Notable bumps: `axios` 1.15.2, `vm2` 3.11.3, `langsmith` (desktop 0.6.0, web 0.7.1), `protobufjs` 7.6.0, and `brace-expansion` patches.\n\n- **Dependencies**\n  - `axios` → 1.15.2: Hardens Node HTTP adapter, adds `allowedSocketPaths` (SSRF mitigation), and fixes keep‑alive socket leak.\n  - `vm2` → 3.11.3: Patches RCE vector (GHSA-248r-7h7q-cr24) in async generator thenables.\n  - `langsmith`: Desktop → 0.6.0; Web → 0.7.1. Includes tracing and prompt cache improvements.\n  - `protobufjs` → 7.6.0: Parser/bundler hardening and BigInt conversions.\n  - `brace-expansion` → 2.x/5.x: ReDoS mitigation and related fixes.\n  - `sanitize-html` (web) → 2.17.4: Patch update.\n\n\u003csup\u003eWritten for commit 62a6b73e8a723e057125f5176eac50a1c6ed0f03. Summary will update on new commits. \u003ca href=\"https://cubic.dev/pr/quazfenton/binG/pull/107?utm_source=github\"\u003eReview in cubic\u003c/a\u003e\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/quazfenton/binG/pull/107","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/quazfenton%2FbinG/issues/107","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/107/packages"}],"issue_packages":[{"old_version":"0.4.12","new_version":"0.7.7","update_type":"minor","path":null,"pr_created_at":"2026-06-13T08:34:44.000Z","version_change":"0.4.12 → 0.7.7","issue":{"uuid":"4654916712","node_id":"PR_kwDORDKUu87mCn8x","number":5,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T08:34:44.000Z","updated_at":"2026-06-13T08:35:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"@hono/node-server","old_version":"1.19.11","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"hono","old_version":"4.12.11","new_version":"4.12.21","repository_url":"https://github.com/honojs/hono"},{"name":"mongoose","old_version":"8.21.1","new_version":"8.22.1","repository_url":"https://github.com/Automattic/mongoose"},{"name":"axios","old_version":"1.13.5","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"langsmith","old_version":"0.4.12","new_version":"0.7.7","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"react-router","old_version":"7.13.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.19.11` | `1.19.13` |\n| [hono](https://github.com/honojs/hono) | `4.12.11` | `4.12.21` |\n| [mongoose](https://github.com/Automattic/mongoose) | `8.21.1` | `8.22.1` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.17.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.10` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.4.12` | `0.7.7` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.13.0` | `7.17.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n\n\nUpdates `@hono/node-server` from 1.19.11 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.12.11 to 4.12.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.20\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(route): preserve the base path of the mounted route() app by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4942\"\u003ehonojs/hono#4942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(jsx): widen jsx and jsxFn children to Child[] by \u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.20\"\u003ehttps://github.com/honojs/hono/compare/v4.12.19...v4.12.20\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.19\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: pin GitHub Actions to SHAs by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4932\"\u003ehonojs/hono#4932\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serveStatic): make options parameter optional in all adapters by \u003ca href=\"https://github.com/mixelburg\"\u003e\u003ccode\u003e@​mixelburg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4934\"\u003ehonojs/hono#4934\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cookie): return the first cookie when there are multiple cookies with the same name by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4922\"\u003ehonojs/hono#4922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(bearer-auth): make bearerAuth generic for typed context in verifyToken by \u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(cache): key cache entries by configured vary headers by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4915\"\u003ehonojs/hono#4915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(request): add \u003ccode\u003ebytes()\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4921\"\u003ehonojs/hono#4921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stream): upgrade \u003ccode\u003e@hono/node-server\u003c/code\u003e to v2 and fix abort handling by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4940\"\u003ehonojs/hono#4940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.18...v4.12.19\"\u003ehttps://github.com/honojs/hono/compare/v4.12.18...v4.12.19\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a83ddb882e0c0b8c336050dba087bb2e1b12488e\"\u003e\u003ccode\u003ea83ddb8\u003c/code\u003e\u003c/a\u003e 4.12.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1\"\u003e\u003ccode\u003e6cbb025\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c831020fb1fa2e929d222f6c84e1abfe013e512b\"\u003e\u003ccode\u003ec831020\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/905aedbc20661e0e2fa378783a7ec44a5c3df43d\"\u003e\u003ccode\u003e905aedb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/5463db2735476959b8af67756f4e513f4fe19115\"\u003e\u003ccode\u003e5463db2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c657a39ccc8d3194d345d9e82c8587bd25b5b6e8\"\u003e\u003ccode\u003ec657a39\u003c/code\u003e\u003c/a\u003e 4.12.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/eb2d0c238adbcee5933d0f8c15f1a65a88f50565\"\u003e\u003ccode\u003eeb2d0c2\u003c/code\u003e\u003c/a\u003e fix(jsx): widen jsx and jsxFn children to Child[] (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4947\"\u003e#4947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/dcabbece347817ef7193439c39d28546b8ac3a85\"\u003e\u003ccode\u003edcabbec\u003c/code\u003e\u003c/a\u003e fix(route): preserve the base path of the mounted route() app (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4942\"\u003e#4942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7e62bcd22fa4e8f0e83cb564bac85e32f5434dd3\"\u003e\u003ccode\u003e7e62bcd\u003c/code\u003e\u003c/a\u003e 4.12.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/e2f252a8745eb25f06485b8d43e8410bf027c8ef\"\u003e\u003ccode\u003ee2f252a\u003c/code\u003e\u003c/a\u003e fix(stream): upgrade \u003ccode\u003e@hono/node-server\u003c/code\u003e to v2 and fix abort handling (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4940\"\u003e#4940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.11...v4.12.21\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mongoose` from 8.21.1 to 8.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/releases\"\u003emongoose's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.22.1 / 2025-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003cli\u003efix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15904\"\u003e#15904\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15901\"\u003e#15901\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(models): support Mongoose query casting in AnyBulkWriteOperation filter property \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15910\"\u003e#15910\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add toBSON() to documents \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15927\"\u003e#15927\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.22.0 / 2026-01-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat(model): allow passing strict option to hydrate() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15944\"\u003e#15944\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15940\"\u003e#15940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md\"\u003emongoose's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e8.22.1 / 2026-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003cli\u003efix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15904\"\u003e#15904\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15901\"\u003e#15901\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes(models): support Mongoose query casting in AnyBulkWriteOperation filter property \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15910\"\u003e#15910\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add toBSON() to documents \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15927\"\u003e#15927\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e7.8.9 / 2026-02-04\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e8.22.0 / 2026-01-27\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat(model): allow passing strict option to hydrate() \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15944\"\u003e#15944\u003c/a\u003e \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15940\"\u003e#15940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/472e7c7072e6696ead2cc06123b18a2068c1e04c\"\u003e\u003ccode\u003e472e7c7\u003c/code\u003e\u003c/a\u003e chore: release 8.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/17351494cd540ea60f24515f99e88506a95c5b8b\"\u003e\u003ccode\u003e1735149\u003c/code\u003e\u003c/a\u003e Merge branch '7.x' into 8.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/52278018019e8a331e1556bfc88c30c673404102\"\u003e\u003ccode\u003e5227801\u003c/code\u003e\u003c/a\u003e chore: release 7.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/b804e34e4d4cc670d7247fbd558c47412b4e5e01\"\u003e\u003ccode\u003eb804e34\u003c/code\u003e\u003c/a\u003e fix: handle other top-level query operators in sanitizeFilter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/8d9a81f54a9b9fa8ae5f5091dda5b082437ad69b\"\u003e\u003ccode\u003e8d9a81f\u003c/code\u003e\u003c/a\u003e chore: release 8.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/f752854cee2000df5ca46c6bd961df86fc2461e7\"\u003e\u003ccode\u003ef752854\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15985\"\u003e#15985\u003c/a\u003e from Automattic/8.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/e7a57ed33ad1a96c03716edb2ec69546a656fffa\"\u003e\u003ccode\u003ee7a57ed\u003c/code\u003e\u003c/a\u003e avoid hardcoding dbName\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/62fc773b9cbede4c186187060b4562e9be9ae8ef\"\u003e\u003ccode\u003e62fc773\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15944\"\u003e#15944\u003c/a\u003e from Automattic/vkarpov15/\u003ca href=\"https://redirect.github.com/Automattic/mongoose/issues/15940\"\u003egh-15940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/d859c1b9a587c5db79e949620051b3892dac83f8\"\u003e\u003ccode\u003ed859c1b\u003c/code\u003e\u003c/a\u003e remove duplicate strict mode check, unnecessary because if opts.strict is set...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/mongoose/commit/4660d6133ff585349bbf975cc147377fa85be3fb\"\u003e\u003ccode\u003e4660d61\u003c/code\u003e\u003c/a\u003e docs: add strict option to JSDoc re: code review comments\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Automattic/mongoose/compare/8.21.1...8.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4306df21e84332fc576e98c2de549347c06bfb76\"\u003e\u003ccode\u003e4306df2\u003c/code\u003e\u003c/a\u003e chore: add fun 88 sponsorship\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/931cc8f0106db4c9885403f85364b9e09ae1f6dc\"\u003e\u003ccode\u003e931cc8f\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.17.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/38ba1b3d2b0aa5ada0463a37a548feb83a84dfa1\"\u003e\u003ccode\u003e38ba1b3\u003c/code\u003e\u003c/a\u003e fix(fetch): support basic auth from URL (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32e2515f1e09b649723e4acd89d920df13eee77e\"\u003e\u003ccode\u003e32e2515\u003c/code\u003e\u003c/a\u003e fix: replace ternary side effect in script (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/030e7223831b0f562af3eb7501b24242c8a4c5ba\"\u003e\u003ccode\u003e030e722\u003c/code\u003e\u003c/a\u003e chore(deps): bump axios from 1.15.2 to 1.16.1 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ec63164ac6b7a1fcd6b742a8628d3fffe23ce001\"\u003e\u003ccode\u003eec63164\u003c/code\u003e\u003c/a\u003e chore: remove openspec (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3dec28f94ce29d396d5f2d9718805b47428dc7ab\"\u003e\u003ccode\u003e3dec28f\u003c/code\u003e\u003c/a\u003e fix(http): preserve TLS options for proxy tunnels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a2390a5c059342bcac2a5297728181dd9939f562\"\u003e\u003ccode\u003ea2390a5\u003c/code\u003e\u003c/a\u003e fix: correct isCancel type to narrow to CanceledError\u0026lt;T\u0026gt; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fa01b9255d71e72599826428bc6c60f34994c6ce\"\u003e\u003ccode\u003efa01b92\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump tmp from 0.2.5 to 0.2.7 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d2314a1ac29ce6723eb53e130b4a36617fd201c\"\u003e\u003ccode\u003e2d2314a\u003c/code\u003e\u003c/a\u003e fix: AxiosHeaders \u003ccode\u003etoJSON()\u003c/code\u003e return types (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.4.12 to 0.7.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(js): subagent tool calls tracking for latest claude agent sdk by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2463\"\u003elangchain-ai/langsmith-sdk#2463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.5 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2464\"\u003elangchain-ai/langsmith-sdk#2464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Respect traceRawHttp for tracing streaming AI SDK calls by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2466\"\u003elangchain-ai/langsmith-sdk#2466\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2467\"\u003elangchain-ai/langsmith-sdk#2467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add WebSocket transport for sandbox commands by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2443\"\u003elangchain-ai/langsmith-sdk#2443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for WebSocket transport layer by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2445\"\u003elangchain-ai/langsmith-sdk#2445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): use WebSocket transport by default with HTTP fallback by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2446\"\u003elangchain-ai/langsmith-sdk#2446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add CommandHandle for streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2450\"\u003elangchain-ai/langsmith-sdk#2450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for CommandHandle and sandbox streaming integration by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2448\"\u003elangchain-ai/langsmith-sdk#2448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(python): document sandbox streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2449\"\u003elangchain-ai/langsmith-sdk#2449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump google-cloud-aiplatform from 1.126.1 to 1.133.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2465\"\u003elangchain-ai/langsmith-sdk#2465\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix list commits endpoint for private prompts by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2479\"\u003elangchain-ai/langsmith-sdk#2479\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: persist failed trace payloads to disk for later replay by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2476\"\u003elangchain-ai/langsmith-sdk#2476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add native thread querying support by \u003ca href=\"https://github.com/ericdong-langchain\"\u003e\u003ccode\u003e@​ericdong-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2455\"\u003elangchain-ai/langsmith-sdk#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add raw response parsing for responses api to openai wrapper by \u003ca href=\"https://github.com/victorm-lc\"\u003e\u003ccode\u003e@​victorm-lc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2480\"\u003elangchain-ai/langsmith-sdk#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add integration and version num by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.5.7 by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2482\"\u003elangchain-ai/langsmith-sdk#2482\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(python): add sandbox exception types and client plumbing by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2442\"\u003elangchain-ai/langsmith-sdk#2442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py, claude agent sdk): Correctly parent spans in asyncio context by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2457\"\u003elangchain-ai/langsmith-sdk#2457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(py): Improve retry logic for tracing ops by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2459\"\u003elangchain-ai/langsmith-sdk#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2460\"\u003elangchain-ai/langsmith-sdk#2460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(claude agent sdk): rm debug logs by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2461\"\u003elangchain-ai/langsmith-sdk#2461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.6 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2462\"\u003elangchain-ai/langsmith-sdk#2462\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump chalk from 4.1.2 to 5.6.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2416\"\u003elangchain-ai/langsmith-sdk#2416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump \u003ccode\u003e@​jest/reporters\u003c/code\u003e from 29.7.0 to 30.2.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2417\"\u003elangchain-ai/langsmith-sdk#2417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 16 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2440\"\u003elangchain-ai/langsmith-sdk#2440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pandas-stubs from 2.3.3.251219 to 2.3.3.260113 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2404\"\u003elangchain-ai/langsmith-sdk#2404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group across 1 directory with 10 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2433\"\u003elangchain-ai/langsmith-sdk#2433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake zstandard optional by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2453\"\u003elangchain-ai/langsmith-sdk#2453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py/adk): fix multi-agent tracing by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2451\"\u003elangchain-ai/langsmith-sdk#2451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.5 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2456\"\u003elangchain-ai/langsmith-sdk#2456\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1fef3d59b3c14d76c1f2d9dedfaecb542fda477a\"\u003e\u003ccode\u003e1fef3d5\u003c/code\u003e\u003c/a\u003e fix: bump versions (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2482\"\u003e#2482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/f947fee76450caf6d267bff629b2fd7794e84dad\"\u003e\u003ccode\u003ef947fee\u003c/code\u003e\u003c/a\u003e fix: add integration and version num (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2481\"\u003e#2481\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/fd2811f0ffa3c14336f82057b9415accd22224c3\"\u003e\u003ccode\u003efd2811f\u003c/code\u003e\u003c/a\u003e feat: add raw response parsing for responses api to openai wrapper (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2480\"\u003e#2480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/f165a5fc94c990968a2e2e27c9b01e556a429d35\"\u003e\u003ccode\u003ef165a5f\u003c/code\u003e\u003c/a\u003e feat: add native thread querying support (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2455\"\u003e#2455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1fbe820e803a65f5fce1b16eee3780a81ec0249a\"\u003e\u003ccode\u003e1fbe820\u003c/code\u003e\u003c/a\u003e feat: persist failed trace payloads to disk for later replay (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2476\"\u003e#2476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ada8d848f97cd92eb9f2d361e7b6e3373a111d0d\"\u003e\u003ccode\u003eada8d84\u003c/code\u003e\u003c/a\u003e fix(js): Fix list commits endpoint for private prompts (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2479\"\u003e#2479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8226f422679a2a27ae55071267db9674f640de7b\"\u003e\u003ccode\u003e8226f42\u003c/code\u003e\u003c/a\u003e chore(deps): bump google-cloud-aiplatform from 1.126.1 to 1.133.0 in /python ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/fe5ea0cbd44b083d4e86887f79f0ddff5f9fec73\"\u003e\u003ccode\u003efe5ea0c\u003c/code\u003e\u003c/a\u003e docs(python): document sandbox streaming, kill, stdin, and reconnect (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2449\"\u003e#2449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/087431bd27c9abb68ab9fad4302b89db0b468ef7\"\u003e\u003ccode\u003e087431b\u003c/code\u003e\u003c/a\u003e test(python): add tests for CommandHandle and sandbox streaming integration (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/642148e977ebe3b6f3e7a6abe0f6872d278ad1c0\"\u003e\u003ccode\u003e642148e\u003c/code\u003e\u003c/a\u003e feat(python): add CommandHandle for streaming, kill, stdin, and reconnect (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2\"\u003e#2\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.12...v0.7.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 7.13.0 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eShip a subset of the official documentation inside the \u003ccode\u003ereact-router\u003c/code\u003e package (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15121\"\u003e#15121\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eMarkdown docs are now available in \u003ccode\u003enode_modules/react-router/docs\u003c/code\u003e, letting AI coding agents and the React Router agent skills read official docs locally\u003c/li\u003e\n\u003cli\u003eExcludes auto-generated API docs (\u003ccode\u003eapi/\u003c/code\u003e), \u003ccode\u003ecommunity/\u003c/code\u003e content, and tutorials (\u003ccode\u003etutorials/\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStabilize \u003ccode\u003efuture.unstable_trailingSlashAwareDataRequests\u003c/code\u003e as \u003ccode\u003efuture.v8_trailingSlashAwareDataRequests\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisable manifest path when lazy route dicovery is disabled (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15068\"\u003e#15068\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix browser URL creation to use the configured history window instead of the global window. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15066\"\u003e#15066\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePass the history/router window through to \u003ccode\u003ecreateBrowserURLImpl\u003c/code\u003e so custom window contexts keep the correct URL origin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003euseNavigation()\u003c/code\u003e return type to preserve discriminated union across navigation states (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15095\"\u003e#15095\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWiden \u003ccode\u003eMetaDescriptor\u003c/code\u003e \u003ccode\u003escript:ld+json\u003c/code\u003e type from \u003ccode\u003eLdJsonObject\u003c/code\u003e to \u003ccode\u003eLdJsonObject | LdJsonObject[]\u003c/code\u003e to permit multiple JSON-LD schemas in a single \u003ccode\u003e\u0026lt;script type=\u0026quot;application/ld+json\u0026quot;\u0026gt;\u003c/code\u003e tag emitted by \u003ccode\u003e\u0026lt;Meta /\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15082\"\u003e#15082\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eserverLoader()\u003c/code\u003e returning stale SSR data when a client navigation aborts pending hydration before the hydration \u003ccode\u003eclientLoader\u003c/code\u003e resolves (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15022\"\u003e#15022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRouterProvider\u003c/code\u003e \u003ccode\u003eonError\u003c/code\u003e callback not being called for synchronous initial loader errors in SPA mode (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15039\"\u003e#15039\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14942\"\u003e#14942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMemoize \u003ccode\u003euseFetchers\u003c/code\u003e to return a stable identity and only change if fetchers changed (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInternal refactor to consolidate mutation request detection through shared utility (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15033\"\u003e#15033\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnstable Changes\u003c/h3\u003e\n\u003cp\u003e⚠️ \u003cem\u003e\u003ca href=\"https://reactrouter.com/community/api-development-strategy#unstable-flags\"\u003eUnstable features\u003c/a\u003e are not recommended for production use\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a new \u003ccode\u003eunstable_useRouterState()\u003c/code\u003e hook that consolidates access to active and pending router states (RFC: \u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/12358\"\u003e#12358\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15017\"\u003e#15017\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eData/Framework/RSC only — throws when used without a data router\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThis should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003euseLocation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseSearchParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseMatches\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigationType\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/963affeb924f2256bd20c0c5c87e4c4b4fcbd188\"\u003e\u003ccode\u003e963affe\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97ef91d6f97e883d2d830fd1aef35ed3ae55e3a1\"\u003e\u003ccode\u003e97ef91d\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/c509c160d4258961ca0156ec083e35f3cf2bf97e\"\u003e\u003ccode\u003ec509c16\u003c/code\u003e\u003c/a\u003e Publish React Router docs in package (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15121\"\u003e#15121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/508d667460a3efd4b937cb67ca79494ea78960c4\"\u003e\u003ccode\u003e508d667\u003c/code\u003e\u003c/a\u003e docs: fix documentation accuracy issues (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15128\"\u003e#15128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/4099277ed68056bf480a4e0988b5a3bc685538cd\"\u003e\u003ccode\u003e4099277\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/582035467f34645521a2b272c3ec52906a495da4\"\u003e\u003ccode\u003e5820354\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8984d23f86ca7ae5655711744b77816090bda4e6\"\u003e\u003ccode\u003e8984d23\u003c/code\u003e\u003c/a\u003e Release v7.16.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15105\"\u003e#15105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d71025d9b86854180c995cb36fd3d28f58c459bf\"\u003e\u003ccode\u003ed71025d\u003c/code\u003e\u003c/a\u003e Stabilize trailing slash aware data requests (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6e21b638e1e692eaf19a8ff98ec05d28d5b23c70\"\u003e\u003ccode\u003e6e21b63\u003c/code\u003e\u003c/a\u003e fix: keep useNavigation() return type a discriminated union (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15095\"\u003e#15095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@7.17.0/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shell-quote` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md\"\u003eshell-quote's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ev1.8.4\u003c/a\u003e - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes \u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/ljh...\n\n_Description has been truncated_","html_url":"https://github.com/theunstopabble/TexFolio/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/theunstopabble%2FTexFolio/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"0.3.87","new_version":"0.7.7","update_type":"minor","path":null,"pr_created_at":"2026-06-13T00:56:44.000Z","version_change":"0.3.87 → 0.7.7","issue":{"uuid":"4653642847","node_id":"PR_kwDOLOyHzc7l-sK0","number":10,"state":"open","title":"Bump the npm_and_yarn group across 3 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T00:56:44.000Z","updated_at":"2026-06-13T00:57:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"uuid","old_version":"9.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@tootallnate/once","old_version":"2.0.0","new_version":"2.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"lodash.template","old_version":"4.5.0","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"tar","old_version":"6.1.15","new_version":"6.2.1"},{"name":"esbuild","old_version":"0.27.7","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"langsmith","old_version":"0.3.87","new_version":"0.7.7"},{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /app directory: [uuid](https://github.com/uuidjs/uuid), [@tootallnate/once](https://github.com/TooTallNate/once) and [lodash.template](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 2 updates in the /examples/langchain-typescript-simple directory: [uuid](https://github.com/uuidjs/uuid) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /examples/typescript-functioncalling directory: [esbuild](https://github.com/evanw/esbuild).\n\nUpdates `uuid` from 9.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 2.0.0 to 2.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e@​tootallnate/once's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/v2.0.1/CHANGELOG.md\"\u003e@​tootallnate/once's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/bcbb21d387e5fb2d0bf8ec2fd8d0ac97d4553241\"\u003e\u003ccode\u003ebcbb21d\u003c/code\u003e\u003c/a\u003e ci: fix OIDC publishing — Node 24, npm latest, provenance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dc24387be8e3405f1e7c911caf76c87b72a0e145\"\u003e\u003ccode\u003edc24387\u003c/code\u003e\u003c/a\u003e Version Packages (2.x) (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b8a6f80afcfd2482b4bdb1e29d784340a05e0ce3\"\u003e\u003ccode\u003eb8a6f80\u003c/code\u003e\u003c/a\u003e CI: test all Node versions on Linux only\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dabcc0fb6202663cd83994f0a21ea1c710395327\"\u003e\u003ccode\u003edabcc0f\u003c/code\u003e\u003c/a\u003e ci: drop EOL Node.js 14.x/16.x, add 22.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b464efcf4238d92590245b4d211d2fc05a94d28a\"\u003e\u003ccode\u003eb464efc\u003c/code\u003e\u003c/a\u003e Update CI: modern Node versions, fix macOS ARM64 compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a1e5e2d784bcd1c65e49fac1524c6c94fe81f871\"\u003e\u003ccode\u003ea1e5e2d\u003c/code\u003e\u003c/a\u003e Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/2.0.0...v2.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash.template` from 4.5.0 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash.template's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.5.0...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 6.1.15 to 6.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bef7b1e4ffab822681fea2a9b22187192ed14717\"\u003e\u003ccode\u003ebef7b1e\u003c/code\u003e\u003c/a\u003e 6.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fe8cd57da5686f8695415414bda49206a545f7f7\"\u003e\u003ccode\u003efe8cd57\u003c/code\u003e\u003c/a\u003e prevent extraction in excessively deep subfolders\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fe7ebfdcede1f8a2e65db12e19ecc4b3a9934648\"\u003e\u003ccode\u003efe7ebfd\u003c/code\u003e\u003c/a\u003e remove security.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/5bc9d404e88c39870e0fbb55655a53de6fbf0a04\"\u003e\u003ccode\u003e5bc9d40\u003c/code\u003e\u003c/a\u003e 6.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fe1ef5ec87156ddadcec8b70cdec201f26665681\"\u003e\u003ccode\u003efe1ef5e\u003c/code\u003e\u003c/a\u003e changelog 6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/e483220935d931cf6b09292aba62170e68f36205\"\u003e\u003ccode\u003ee483220\u003c/code\u003e\u003c/a\u003e get rid of npm lint stuff\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/689928a0ba7d9b9014d88a5fa35261f9ae4ef2f3\"\u003e\u003ccode\u003e689928a\u003c/code\u003e\u003c/a\u003e ci that works outside of npm org\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/db6f53928650a04b340ecdc01db2d49937e5d63c\"\u003e\u003ccode\u003edb6f539\u003c/code\u003e\u003c/a\u003e file inference improvements for .tbr and .tgz\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/336fa8f27c44bec70d46a6482096af24c668ee16\"\u003e\u003ccode\u003e336fa8f\u003c/code\u003e\u003c/a\u003e refactor: dry and other pr comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/eeba22238736ed0832488efb3c515ada98073424\"\u003e\u003ccode\u003eeeba222\u003c/code\u003e\u003c/a\u003e chore: lint fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v6.1.15...v6.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `uuid`\n\nUpdates `esbuild` from 0.27.7 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.27.7...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.3.87 to 0.7.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(js): subagent tool calls tracking for latest claude agent sdk by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2463\"\u003elangchain-ai/langsmith-sdk#2463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.5 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2464\"\u003elangchain-ai/langsmith-sdk#2464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Respect traceRawHttp for tracing streaming AI SDK calls by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2466\"\u003elangchain-ai/langsmith-sdk#2466\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2467\"\u003elangchain-ai/langsmith-sdk#2467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add WebSocket transport for sandbox commands by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2443\"\u003elangchain-ai/langsmith-sdk#2443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for WebSocket transport layer by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2445\"\u003elangchain-ai/langsmith-sdk#2445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): use WebSocket transport by default with HTTP fallback by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2446\"\u003elangchain-ai/langsmith-sdk#2446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add CommandHandle for streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2450\"\u003elangchain-ai/langsmith-sdk#2450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(python): add tests for CommandHandle and sandbox streaming integration by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2448\"\u003elangchain-ai/langsmith-sdk#2448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(python): document sandbox streaming, kill, stdin, and reconnect by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2449\"\u003elangchain-ai/langsmith-sdk#2449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump google-cloud-aiplatform from 1.126.1 to 1.133.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2465\"\u003elangchain-ai/langsmith-sdk#2465\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix list commits endpoint for private prompts by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2479\"\u003elangchain-ai/langsmith-sdk#2479\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: persist failed trace payloads to disk for later replay by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2476\"\u003elangchain-ai/langsmith-sdk#2476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add native thread querying support by \u003ca href=\"https://github.com/ericdong-langchain\"\u003e\u003ccode\u003e@​ericdong-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2455\"\u003elangchain-ai/langsmith-sdk#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add raw response parsing for responses api to openai wrapper by \u003ca href=\"https://github.com/victorm-lc\"\u003e\u003ccode\u003e@​victorm-lc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2480\"\u003elangchain-ai/langsmith-sdk#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add integration and version num by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.5.7 by \u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2482\"\u003elangchain-ai/langsmith-sdk#2482\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samecrowder\"\u003e\u003ccode\u003e@​samecrowder\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2481\"\u003elangchain-ai/langsmith-sdk#2481\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.6...v0.7.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(python): add sandbox exception types and client plumbing by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2442\"\u003elangchain-ai/langsmith-sdk#2442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py, claude agent sdk): Correctly parent spans in asyncio context by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2457\"\u003elangchain-ai/langsmith-sdk#2457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(py): Improve retry logic for tracing ops by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2459\"\u003elangchain-ai/langsmith-sdk#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2460\"\u003elangchain-ai/langsmith-sdk#2460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(claude agent sdk): rm debug logs by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2461\"\u003elangchain-ai/langsmith-sdk#2461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.6 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2462\"\u003elangchain-ai/langsmith-sdk#2462\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump chalk from 4.1.2 to 5.6.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2416\"\u003elangchain-ai/langsmith-sdk#2416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump \u003ccode\u003e@​jest/reporters\u003c/code\u003e from 29.7.0 to 30.2.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2417\"\u003elangchain-ai/langsmith-sdk#2417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 16 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2440\"\u003elangchain-ai/langsmith-sdk#2440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pandas-stubs from 2.3.3.251219 to 2.3.3.260113 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2404\"\u003elangchain-ai/langsmith-sdk#2404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group across 1 directory with 10 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2433\"\u003elangchain-ai/langsmith-sdk#2433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake zstandard optional by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2453\"\u003elangchain-ai/langsmith-sdk#2453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py/adk): fix multi-agent tracing by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2451\"\u003elangchain-ai/langsmith-sdk#2451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.5 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2456\"\u003elangchain-ai/langsmith-sdk#2456\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.4...v0.7.5\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.27.7...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/HarleyCoops/ollama/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/HarleyCoops/ollama/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Follama/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"0.3.49","new_version":"0.3.87","update_type":"patch","path":null,"pr_created_at":"2026-06-12T22:51:30.000Z","version_change":"0.3.49 → 0.3.87","issue":{"uuid":"4653143065","node_id":"PR_kwDOPbma_s7l9Elz","number":12,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T22:51:30.000Z","updated_at":"2026-06-12T23:01:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"langsmith","old_version":"0.3.49","new_version":"0.3.87","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"@hono/node-server","old_version":"1.17.1","new_version":"1.19.14","repository_url":"https://github.com/honojs/node-server"},{"name":"esbuild","old_version":"0.25.8","new_version":"0.25.12","repository_url":"https://github.com/evanw/esbuild"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"hono","old_version":"4.11.7","new_version":"4.12.25","repository_url":"https://github.com/honojs/hono"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"tar","old_version":"7.5.7","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the /docs/_scripts/js_translation/codeblocks directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.49` | `0.3.87` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.17.1` | `1.19.14` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.8` | `0.25.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [hono](https://github.com/honojs/hono) | `4.11.7` | `4.12.25` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.15` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.7` | `7.5.16` |\n\nBumps the npm_and_yarn group with 2 updates in the /libs/cli/js-examples directory: [flatted](https://github.com/WebReflection/flatted) and [picomatch](https://github.com/micromatch/picomatch).\n\nUpdates `langsmith` from 0.3.49 to 0.3.87\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.17.1 to 1.19.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.14\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add custom inspect to lightweight Request/Response to prevent TypeError on console.log by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/340\"\u003ehonojs/node-server#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b5e63a366d9b0ef62ac65fcafd7f69b383b03ff5\"\u003e\u003ccode\u003eb5e63a3\u003c/code\u003e\u003c/a\u003e 1.19.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c02d7770a2d29ea473403211bef0a60639885a28\"\u003e\u003ccode\u003ec02d777\u003c/code\u003e\u003c/a\u003e fix: add custom inspect to lightweight Request/Response to prevent TypeError ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.17.1...v1.19.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.8 to 0.25.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a minification regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4315\"\u003e#4315\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for \u003ccode\u003e@media \u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt; { ... }\u003c/code\u003e was missing an equality check for the \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the list of known JavaScript globals (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4310\"\u003e#4310\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global \u003ccode\u003eArray\u003c/code\u003e property is considered to be side-effect free but accessing the global \u003ccode\u003escrollY\u003c/code\u003e property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:\u003c/p\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2017/\"\u003eES2017\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAtomics\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSharedArrayBuffer\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2020/\"\u003eES2020\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBigInt64Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eBigUint64Array\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2021/\"\u003eES2021\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFinalizationRegistry\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eWeakRef\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2025/\"\u003eES2025\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eIterator\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNote that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from \u003ccode\u003eIterator\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// This can now be tree-shaken by esbuild:\nclass ExampleIterator extends Iterator {}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for the new \u003ccode\u003e@view-transition\u003c/code\u003e CSS rule (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4313\"\u003e#4313\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eWith this release, esbuild now has improved support for pretty-printing and minifying the new \u003ccode\u003e@view-transition\u003c/code\u003e rule (which esbuild was previously unaware of):\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@view-transition {\n  navigation: auto;\n  types: check;\n}\n\u003cp\u003e/* Old output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e { navigation: auto; types: check; }\u003c/p\u003e\n\u003cp\u003e/* New output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e {\u003cbr /\u003e\nnavigation: auto;\u003cbr /\u003e\ntypes: check;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.25.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a minification regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4315\"\u003e#4315\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for \u003ccode\u003e@media \u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt; { ... }\u003c/code\u003e was missing an equality check for the \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the list of known JavaScript globals (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4310\"\u003e#4310\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global \u003ccode\u003eArray\u003c/code\u003e property is considered to be side-effect free but accessing the global \u003ccode\u003escrollY\u003c/code\u003e property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:\u003c/p\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2017/\"\u003eES2017\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAtomics\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSharedArrayBuffer\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2020/\"\u003eES2020\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBigInt64Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eBigUint64Array\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2021/\"\u003eES2021\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFinalizationRegistry\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eWeakRef\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFrom \u003ca href=\"https://tc39.es/ecma262/2025/\"\u003eES2025\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eIterator\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNote that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from \u003ccode\u003eIterator\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// This can now be tree-shaken by esbuild:\nclass ExampleIterator extends Iterator {}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for the new \u003ccode\u003e@view-transition\u003c/code\u003e CSS rule (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4313\"\u003e#4313\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eWith this release, esbuild now has improved support for pretty-printing and minifying the new \u003ccode\u003e@view-transition\u003c/code\u003e rule (which esbuild was previously unaware of):\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@view-transition {\n  navigation: auto;\n  types: check;\n}\n\u003cp\u003e/* Old output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e { navigation: auto; types: check; }\u003c/p\u003e\n\u003cp\u003e/* New output */\u003cbr /\u003e\n\u003ca href=\"https://github.com/view-transition\"\u003e\u003ccode\u003e@​view-transition\u003c/code\u003e\u003c/a\u003e {\u003cbr /\u003e\nnavigation: auto;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/208f539945b145e7c9d6d844290f81c3fe5af320\"\u003e\u003ccode\u003e208f539\u003c/code\u003e\u003c/a\u003e publish 0.25.12 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/5f03afdd007f6626d4300afc7cbb5bf7c9554393\"\u003e\u003ccode\u003e5f03afd\u003c/code\u003e\u003c/a\u003e update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/6b2ee78d7f273d7ed4c4bb08b516939b373bcd67\"\u003e\u003ccode\u003e6b2ee78\u003c/code\u003e\u003c/a\u003e minify: remove css rules containing empty \u003ccode\u003e:is()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f361debd61ffa0ae2d810fbe0e4c9d39183ed4c6\"\u003e\u003ccode\u003ef361deb\u003c/code\u003e\u003c/a\u003e add some additional known static methods\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/07aa646bb2fd9c5eb1de804edf9eae5bd1617637\"\u003e\u003ccode\u003e07aa646\u003c/code\u003e\u003c/a\u003e automatically mark \u0026quot;RegExp.escape()\u0026quot; calls as pure\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9039c468258fd9a19eeaf5e05fd6a3d582b46d3a\"\u003e\u003ccode\u003e9039c46\u003c/code\u003e\u003c/a\u003e simplify some call expression checks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/188944dd946dd54d50bbe844dc22969b604589d0\"\u003e\u003ccode\u003e188944d\u003c/code\u003e\u003c/a\u003e add some additional known static methods\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d3c67f9e94267d06337d2e2e0d837844d2cac6bd\"\u003e\u003ccode\u003ed3c67f9\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4310\"\u003e#4310\u003c/a\u003e: add \u003ccode\u003eIterator\u003c/code\u003e and other known globals\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4a51f0b24d343d7ae5b7d5a3e5c3afce3f96a0f8\"\u003e\u003ccode\u003e4a51f0b\u003c/code\u003e\u003c/a\u003e fix: escape dev server breadcrumb hrefs properly (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4316\"\u003e#4316\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/26b29ed51ffe20730ffaf69921dbb53e27de464a\"\u003e\u003ccode\u003e26b29ed\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4315\"\u003e#4315\u003c/a\u003e: \u003ccode\u003e@media\u003c/code\u003e deduplication bug edge case\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.8...v0.25.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.5.3 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.5.3...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.11.7 to 4.12.25\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.25\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eCORS Middleware reflects any Origin with credentials when \u003ccode\u003eorigin\u003c/code\u003e defaults to the wildcard\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cors\u003c/code\u003e. Fixes the wildcard origin reflecting the request \u003ccode\u003eOrigin\u003c/code\u003e and sending \u003ccode\u003eAccess-Control-Allow-Credentials: true\u003c/code\u003e when \u003ccode\u003ecredentials: true\u003c/code\u003e is set without an explicit \u003ccode\u003eorigin\u003c/code\u003e, where any site a logged-in user visited could make credentialed cross-origin requests and read responses from cookie-authenticated endpoints. GHSA-88fw-hqm2-52qc\u003c/p\u003e\n\u003ch3\u003eBody Limit Middleware can be bypassed on AWS Lambda by understating \u003ccode\u003eContent-Length\u003c/code\u003e\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/body-limit\u003c/code\u003e on AWS Lambda (\u003ccode\u003ehono/aws-lambda\u003c/code\u003e, \u003ccode\u003ehono/lambda-edge\u003c/code\u003e). Fixes the request being built with the client-declared \u003ccode\u003eContent-Length\u003c/code\u003e while the body is delivered fully buffered, where a client could declare a small \u003ccode\u003eContent-Length\u003c/code\u003e with a much larger body and slip past the configured size limit. GHSA-rv63-4mwf-qqc2\u003c/p\u003e\n\u003ch3\u003ePath traversal in \u003ccode\u003eserve-static\u003c/code\u003e on Windows via encoded backslash (\u003ccode\u003e%5C\u003c/code\u003e)\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eserveStatic\u003c/code\u003e on Windows (Node, Bun, Deno adapters). Fixes the path guard allowing a lone backslash, where an encoded backslash (\u003ccode\u003e%5C\u003c/code\u003e) decoded to \u003ccode\u003e\\\u003c/code\u003e was treated as a separator by the Windows path resolver, letting a single URL segment escape into a middleware-guarded subtree. GHSA-wwfh-h76j-fc44\u003c/p\u003e\n\u003ch3\u003eAWS Lambda adapter merges multiple \u003ccode\u003eSet-Cookie\u003c/code\u003e headers into one value, dropping cookies on ALB single-header and Lattice\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/aws-lambda\u003c/code\u003e. Fixes multiple \u003ccode\u003eSet-Cookie\u003c/code\u003e response headers being joined into one comma-separated value for ALB single-header responses and VPC Lattice v2, where the value could not be split back into individual cookies and clients silently dropped or misparsed them. GHSA-j6c9-x7qj-28xf\u003c/p\u003e\n\u003ch3\u003eLambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/lambda-edge\u003c/code\u003e. Fixes repeated request headers being written with overwrite instead of append, where only the last value of a header such as \u003ccode\u003eX-Forwarded-For\u003c/code\u003e reached the application and the remaining values were silently dropped. GHSA-wgpf-jwqj-8h8p\u003c/p\u003e\n\u003ch2\u003ev4.12.24\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(contribution): simplifyAI Usage Policy by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4972\"\u003ehonojs/hono#4972\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove \u003ccode\u003e@​types/glob\u003c/code\u003e by \u003ca href=\"https://github.com/rtritto\"\u003e\u003ccode\u003e@​rtritto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4978\"\u003ehonojs/hono#4978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(bearer-auth): mention verifyToken in missing-options error message by \u003ca href=\"https://github.com/tan7vir\"\u003e\u003ccode\u003e@​tan7vir\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4987\"\u003ehonojs/hono#4987\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(language): Test/improve tests on languages middleware by \u003ca href=\"https://github.com/iNeoO\"\u003e\u003ccode\u003e@​iNeoO\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4980\"\u003ehonojs/hono#4980\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): expand \u0026quot;::\u0026quot; to eight zero groups by \u003ca href=\"https://github.com/youcefzemmar\"\u003e\u003ccode\u003e@​youcefzemmar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4973\"\u003ehonojs/hono#4973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clean up config files trailing comma, stale excludes, typesVersions gaps, jsr paths by \u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4982\"\u003ehonojs/hono#4982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(timing): Test/add test for middleware timing by \u003ca href=\"https://github.com/iNeoO\"\u003e\u003ccode\u003e@​iNeoO\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4991\"\u003ehonojs/hono#4991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): render the unspecified address binary as \u0026quot;::\u0026quot; by \u003ca href=\"https://github.com/sarathfrancis90\"\u003e\u003ccode\u003e@​sarathfrancis90\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4998\"\u003ehonojs/hono#4998\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.23...v4.12.24\"\u003ehttps://github.com/honojs/hono/compare/v4.12.23...v4.12.24\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.23\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(serve-static): normalize all backslashes in file paths, not just the first in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4962\"\u003ehonojs/hono#4962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(context): export the Context class publicly by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4543\"\u003ehonojs/hono#4543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(contribution): add AI Usage Policy by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4970\"\u003ehonojs/hono#4970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(compress): add contentTypeFilter option and \u003ccode\u003eCOMPRESSIBLE_CONTENT_TYPE_REGEX\u003c/code\u003e re-export by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4961\"\u003ehonojs/hono#4961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): do not compress a single 0 group to \u003ccode\u003e::\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4971\"\u003ehonojs/hono#4971\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.22...v4.12.23\"\u003ehttps://github.com/honojs/hono/compare/v4.12.22...v4.12.23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/fce483e11466b72d27e61d44523c7e6edeb19e50\"\u003e\u003ccode\u003efce483e\u003c/code\u003e\u003c/a\u003e 4.12.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/751ba41ba26dff20351a13964c07627ddcf382b6\"\u003e\u003ccode\u003e751ba41\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f0b094db8474696344d98e5665a4ac2a6d5f346e\"\u003e\u003ccode\u003ef0b094d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/fa5f9bfcc25d65e08af85211cc2e5ecd0e0ea24b\"\u003e\u003ccode\u003efa5f9bf\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/3892a6c2b54f974505de41013fcac88a71908e3d\"\u003e\u003ccode\u003e3892a6c\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/74c2cf8ef4f5cc29a876380df1ba230ff7128b3f\"\u003e\u003ccode\u003e74c2cf8\u003c/code\u003e\u003c/a\u003e test(aws-lambda): update integration tests (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/5012\"\u003e#5012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7ae7cbae5d0ed8a40e8b9cc353e13175b9d7e3e1\"\u003e\u003ccode\u003e7ae7cba\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/1b1384815485f9d6590c6966e23a06fd07166cb7\"\u003e\u003ccode\u003e1b13848\u003c/code\u003e\u003c/a\u003e chore(ci): bump codecov-action to v7.0.0 (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/5011\"\u003e#5011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/5fdde5ab5a7d7c89eba4d1ceab76f4a7c011cd3b\"\u003e\u003ccode\u003e5fdde5a\u003c/code\u003e\u003c/a\u003e 4.12.24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c78932d745cdf6284ae131a156479ac930da0262\"\u003e\u003ccode\u003ec78932d\u003c/code\u003e\u003c/a\u003e fix(utils/ipaddr): render the unspecified address binary as \u0026quot;::\u0026quot; (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4998\"\u003e#4998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.11.7...v4.12.25\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.7 to 7.5.16\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/cf213384ac558b539c07c830ed7cca5ffc9e8550\"\u003e\u003ccode\u003ecf21338\u003c/code\u003e\u003c/a\u003e 7.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/21a822027658c8063542be330530bbecdf0dbbfe\"\u003e\u003ccode\u003e21a8220\u003c/code\u003e\u003c/a\u003e do not apply PAX header fields to meta entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/52632cf38fdbdbbc7ab86184d68a85b11fdb0970\"\u003e\u003ccode\u003e52632cf\u003c/code\u003e\u003c/a\u003e update project deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/302f51ff3f8eefeccc06be4caf7d0de9b7c321d7\"\u003e\u003ccode\u003e302f51f\u003c/code\u003e\u003c/a\u003e fix inconsequential typo in PENDINGLINKS symbol name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/55dbb99b27640bb12b2ac059b26883c23523b3e3\"\u003e\u003ccode\u003e55dbb99\u003c/code\u003e\u003c/a\u003e remove some uses of mutate-fs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GlacierEQ/langgraph/network/alerts).\n\n\u003c/details\u003e\n\n---\n\n🔧 This PR updates 10 npm dependencies across two directories, bringing security fixes, performance improvements, and bug fixes to the project's JavaScript toolchain and runtime dependencies.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Security Updates**: Multiple packages include critical security fixes, particularly `picomatch` (CVE-2026-33671, CVE-2026-33672), `flatted` (CWE-1321), and `hono` (CORS, body limit, path traversal fixes)\n- **Build Tools**: Updated `esbuild` (0.25.8→0.25.12) with CSS media query fixes and improved tree-shaking for newer JavaScript globals\n- **Performance Improvements**: `postcss` (8.5.6→8.5.15) includes declaration parsing optimizations and XSS protection fixes\n- **Framework Updates**: Major version bump for `hono` (4.11.7→4.12.25) and `@hono/node-server` (1.17.1→1.19.14) with multiple security and stability improvements\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 10 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Performance Issues Detected]\n    C --\u003e E[Update picomatch, flatted, hono]\n    D --\u003e F[Update esbuild, postcss]\n    E --\u003e G[Apply Security Patches]\n    F --\u003e H[Apply Performance Fixes]\n    G --\u003e I[Updated yarn.lock Files]\n    H --\u003e I\n    I --\u003e J[Two Directories Updated]\n    J --\u003e K[/docs/_scripts/js_translation/codeblocks]\n    J --\u003e L[/libs/cli/js-examples]\n```\n\n### Impact\n- **Security Enhancement**: Resolves multiple CVEs and security advisories, particularly around CORS bypass, path traversal, and prototype pollution vulnerabilities\n- **Performance Optimization**: Improved CSS parsing performance in PostCSS and better tree-shaking capabilities in esbuild for modern JavaScript features\n- **Stability Improvements**: Bug fixes in HTTP handling, request processing, and file serving across the Hono ecosystem\n- **Maintenance**: Keeps dependencies current with latest patches, reducing technical debt and ensuring compatibility with modern JavaScript standards\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate JS dependencies in `docs/_scripts/js_translation/codeblocks` and `libs/cli/js-examples` to apply security patches and performance fixes. Key bumps include `hono` 4.12.25, `@hono/node-server` 1.19.14, `esbuild` 0.25.12, `postcss` 8.5.15, `langsmith` 0.3.87, and more.\n\n- **Dependencies**\n  - Security: `hono` (CORS, body limit, path traversal), `@hono/node-server` (static middleware bypass), `picomatch` 2.3.2, `flatted` 3.4.2, `tar` 7.5.16.\n  - Build/Perf: `esbuild` 0.25.12 (CSS/media queries, tree-shaking), `postcss` 8.5.15 (parsing perf, XSS fix), `fast-xml-parser` 4.5.6.\n  - Other fixes: `minimatch` 3.1.5, `hono` runtime improvements, `langsmith` 0.3.87.\n  - Scope: lockfile-only updates; no app code changes expected.\n\n\u003csup\u003eWritten for commit c920189b45933ecc3d7af8ec50d63568ce339d7d. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/GlacierEQ/langgraph/pull/12?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/GlacierEQ/langgraph/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Flanggraph/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"0.7.5","new_version":"0.7.6","update_type":"patch","path":null,"pr_created_at":"2026-06-10T23:32:33.000Z","version_change":"0.7.5 → 0.7.6","issue":{"uuid":"4635841716","node_id":"PR_kwDOR4ZFgs7lFerK","number":976,"state":"open","title":"chore(deps-dev): bump the dev-dependencies group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T23:32:33.000Z","updated_at":"2026-06-10T23:33:11.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): bump","group_name":"dev-dependencies","update_count":4,"packages":[{"name":"turbo","old_version":"2.9.17","new_version":"2.9.18","repository_url":"https://github.com/vercel/turborepo"},{"name":"@types/node","old_version":"25.9.2","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"langsmith","old_version":"0.7.5","new_version":"0.7.6","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"@cloudflare/workers-types","old_version":"4.20260609.1","new_version":"4.20260610.1","repository_url":"https://github.com/cloudflare/workerd"}],"path":null,"ecosystem":"npm"},"body":"Bumps the dev-dependencies group with 4 updates in the / directory: [turbo](https://github.com/vercel/turborepo), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [@cloudflare/workers-types](https://github.com/cloudflare/workerd).\n\nUpdates `turbo` from 2.9.17 to 2.9.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.18\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.17 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13047\"\u003evercel/turborepo#13047\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Fetch version.txt via API in docs alias failure notification by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13050\"\u003evercel/turborepo#13050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden cache archive symlink restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13051\"\u003evercel/turborepo#13051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove web UI mode by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13052\"\u003evercel/turborepo#13052\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden query server file access by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13053\"\u003evercel/turborepo#13053\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Confine prune patch paths by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13054\"\u003evercel/turborepo#13054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Prevent git argument injection in SCM refs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13055\"\u003evercel/turborepo#13055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Strip special mode bits from cache restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13056\"\u003evercel/turborepo#13056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Contain incremental cache outputs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13057\"\u003evercel/turborepo#13057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(turborepo): Normalize Windows daemon path hash by \u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Preserve vt100 cell byte counts by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13058\"\u003evercel/turborepo#13058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Separate artifact signature fields by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13059\"\u003evercel/turborepo#13059\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate OidHash hex buffers by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13060\"\u003evercel/turborepo#13060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Block self-hosted login URLs from attempting to use Vercel's SSO by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13061\"\u003evercel/turborepo#13061\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3bdce3277d2e61cdbf29f244a515dd4b896d2556\"\u003e\u003ccode\u003e3bdce32\u003c/code\u003e\u003c/a\u003e publish 2.9.18 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/2a76556b9457c514fa597a09fef23da2e1250c8c\"\u003e\u003ccode\u003e2a76556\u003c/code\u003e\u003c/a\u003e fix: Block self-hosted login URLs from attempting to use Vercel's SSO (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13061\"\u003e#13061\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/da8e3487acce10039425180c42875d7ccc484ed5\"\u003e\u003ccode\u003eda8e348\u003c/code\u003e\u003c/a\u003e fix: Validate OidHash hex buffers (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13060\"\u003e#13060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3018717c28fc8f1ecffa2c92e3260be0dc0165aa\"\u003e\u003ccode\u003e3018717\u003c/code\u003e\u003c/a\u003e fix: Separate artifact signature fields (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13059\"\u003e#13059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/34514e278822ccbe3a083730b7032709ef16f85c\"\u003e\u003ccode\u003e34514e2\u003c/code\u003e\u003c/a\u003e fix: Preserve vt100 cell byte counts (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13058\"\u003e#13058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/24e2d3498f54fa1f8b729f18764f63cb05072bc6\"\u003e\u003ccode\u003e24e2d34\u003c/code\u003e\u003c/a\u003e fix(turborepo): Normalize Windows daemon path hash (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13020\"\u003e#13020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/16dc881cabf5c13d02c27a5d7cfdfeb60736206c\"\u003e\u003ccode\u003e16dc881\u003c/code\u003e\u003c/a\u003e fix: Contain incremental cache outputs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13057\"\u003e#13057\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/92e1f8e5365ea5a95e47c3698deb2f7adaa55eba\"\u003e\u003ccode\u003e92e1f8e\u003c/code\u003e\u003c/a\u003e fix: Strip special mode bits from cache restore (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13056\"\u003e#13056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/f46f896ef414823582131304c9749e9be011fe37\"\u003e\u003ccode\u003ef46f896\u003c/code\u003e\u003c/a\u003e fix: Prevent git argument injection in SCM refs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13055\"\u003e#13055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/7f353ca3a6f28fbbcce931aeab7be0efe718c466\"\u003e\u003ccode\u003e7f353ca\u003c/code\u003e\u003c/a\u003e fix: Confine prune patch paths (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13054\"\u003e#13054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.2 to 25.9.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.7.5 to 0.7.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(python): add sandbox exception types and client plumbing by \u003ca href=\"https://github.com/DanielKneipp\"\u003e\u003ccode\u003e@​DanielKneipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2442\"\u003elangchain-ai/langsmith-sdk#2442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(py, claude agent sdk): Correctly parent spans in asyncio context by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2457\"\u003elangchain-ai/langsmith-sdk#2457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(py): Improve retry logic for tracing ops by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2459\"\u003elangchain-ai/langsmith-sdk#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2460\"\u003elangchain-ai/langsmith-sdk#2460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(claude agent sdk): rm debug logs by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2461\"\u003elangchain-ai/langsmith-sdk#2461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.6 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2462\"\u003elangchain-ai/langsmith-sdk#2462\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/22a048477ae08ff8adace5398551d287e1722891\"\u003e\u003ccode\u003e22a0484\u003c/code\u003e\u003c/a\u003e release(py): 0.7.6 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2462\"\u003e#2462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/01acee8618311b8b67768bb46bf8c44dba577402\"\u003e\u003ccode\u003e01acee8\u003c/code\u003e\u003c/a\u003e chore(claude agent sdk): rm debug logs (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2461\"\u003e#2461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/4e366c4685da981055923fad3e21d0a913525ed7\"\u003e\u003ccode\u003e4e366c4\u003c/code\u003e\u003c/a\u003e feat(py, claude agent sdk): Add wrapping for PostToolUseFailure hook (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/4e255078534c6d24b827774a4b6896c4acb289f0\"\u003e\u003ccode\u003e4e25507\u003c/code\u003e\u003c/a\u003e perf(py): Improve retry logic for tracing ops (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2459\"\u003e#2459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/daa0330affcfac9231c1f5c573976b222e0c3735\"\u003e\u003ccode\u003edaa0330\u003c/code\u003e\u003c/a\u003e fix(py, claude agent sdk): Correctly parent spans in asyncio context (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2457\"\u003e#2457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/070a20719ae3ca50db54860b4fc62a9f20ff7a40\"\u003e\u003ccode\u003e070a207\u003c/code\u003e\u003c/a\u003e feat(python): add sandbox exception types and client plumbing (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2442\"\u003e#2442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.5...v0.7.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@cloudflare/workers-types` from 4.20260609.1 to 4.20260610.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cloudflare/workerd/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/AgentsKit-io/agentskit/pull/976","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AgentsKit-io%2Fagentskit/issues/976","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/976/packages"}},{"old_version":"0.5.12","new_version":"0.7.4","update_type":"minor","path":null,"pr_created_at":"2026-06-04T02:24:57.000Z","version_change":"0.5.12 → 0.7.4","issue":{"uuid":"4585237947","node_id":"PR_kwDORs2SxM7if2cJ","number":80,"state":"closed","title":"chore(deps): bump langsmith from 0.5.12 to 0.7.4","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-08T20:44:47.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-04T02:24:57.000Z","updated_at":"2026-06-08T20:44:49.000Z","time_to_close":411590,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"langsmith","old_version":"0.5.12","new_version":"0.7.4","repository_url":"https://github.com/langchain-ai/langsmith-sdk"}],"path":null,"ecosystem":"npm"},"body":"Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.5.12 to 0.7.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(google-adk): add wrapt dependency by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2436\"\u003elangchain-ai/langsmith-sdk#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: lock dependencies by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2439\"\u003elangchain-ai/langsmith-sdk#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.4 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2441\"\u003elangchain-ai/langsmith-sdk#2441\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith\u0026package-manager=npm_and_yarn\u0026previous-version=0.5.12\u0026new-version=0.7.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/el-musleh/Go-Fish/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/el-musleh/Go-Fish/pull/80","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/el-musleh%2FGo-Fish/issues/80","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/80/packages"}},{"old_version":"0.7.2","new_version":"0.7.4","update_type":"patch","path":null,"pr_created_at":"2026-06-03T16:45:38.000Z","version_change":"0.7.2 → 0.7.4","issue":{"uuid":"4581863151","node_id":"PR_kwDOPHQ0Fc7iUmOu","number":679,"state":"closed","title":"deps(deps): bump the prod-misc group across 1 directory with 21 updates","user":"dependabot[bot]","labels":["dependencies","automated","npm"],"assignees":["shchilkin"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-07T22:51:42.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-03T16:45:38.000Z","updated_at":"2026-06-07T22:51:44.000Z","time_to_close":367564,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps): bump","group_name":"prod-misc","update_count":21,"packages":[{"name":"@tanstack/react-query","old_version":"5.100.14","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"bullmq","old_version":"5.77.3","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ioredis","old_version":"5.10.1","new_version":"5.11.1","repository_url":"https://github.com/luin/ioredis"},{"name":"tsx","old_version":"4.22.3","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"fumadocs-core","old_version":"16.9.1","new_version":"16.9.3","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-mdx","old_version":"15.0.8","new_version":"15.0.10","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-ui","old_version":"16.9.1","new_version":"16.9.3","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"xstate","old_version":"5.31.1","new_version":"5.32.0","repository_url":"https://github.com/statelyai/xstate"},{"name":"@types/estree","old_version":"1.0.8","new_version":"1.0.9","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"baseline-browser-mapping","old_version":"2.10.32","new_version":"2.10.33","repository_url":"https://github.com/web-platform-dx/baseline-browser-mapping"},{"name":"hasown","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/inspect-js/hasOwn"},{"name":"js-yaml","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"langsmith","old_version":"0.7.2","new_version":"0.7.4","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"property-information","old_version":"7.1.0","new_version":"7.2.0","repository_url":"https://github.com/wooorm/property-information"},{"name":"shiki","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/shikijs/shiki"},{"name":"tinyglobby","old_version":"0.2.16","new_version":"0.2.17","repository_url":"https://github.com/SuperchupuDev/tinyglobby"},{"name":"vite","old_version":"8.0.14","new_version":"8.0.16","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the prod-misc group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.14` | `5.101.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.77.3` | `5.78.0` |\n| [ioredis](https://github.com/luin/ioredis) | `5.10.1` | `5.11.1` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.22.3` | `4.22.4` |\n| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.9.1` | `16.9.3` |\n| [fumadocs-mdx](https://github.com/fuma-nama/fumadocs) | `15.0.8` | `15.0.10` |\n| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.9.1` | `16.9.3` |\n| [xstate](https://github.com/statelyai/xstate) | `5.31.1` | `5.32.0` |\n| [@types/estree](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/estree) | `1.0.8` | `1.0.9` |\n| [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) | `2.10.32` | `2.10.33` |\n| [hasown](https://github.com/inspect-js/hasOwn) | `2.0.3` | `2.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.7.2` | `0.7.4` |\n| [property-information](https://github.com/wooorm/property-information) | `7.1.0` | `7.2.0` |\n| [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.1.0` | `4.2.0` |\n| [tinyglobby](https://github.com/SuperchupuDev/tinyglobby) | `0.2.16` | `0.2.17` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.14` | `8.0.16` |\n\n\nUpdates `@tanstack/react-query` from 5.100.14 to 5.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/3042860e3c8731c94ca4dec0e277e415d0484fce\"\u003e\u003ccode\u003e3042860\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/TanStack/query/commit/e631dc3fa17bff71f413246b7a770a730016d346\"\u003e\u003ccode\u003ee631dc3\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10857\"\u003e#10857\u003c/a\u003e \u003ca href=\"https://github.com/TanStack/query/commit/7cf5923308fb91f3eff0fe952d8c64676e2bdad7\"\u003e\u003ccode\u003e7cf5923\u003c/code\u003e\u003c/a\u003e - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a\"\u003e\u003ccode\u003ef3d8d2a\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10774\"\u003e#10774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324\"\u003e\u003ccode\u003e532bb29\u003c/code\u003e\u003c/a\u003e fix(tests): disable local coverage instrumentation (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bullmq` from 5.77.3 to 5.78.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/taskforcesh/bullmq/releases\"\u003ebullmq's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.78.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.7...v5.78.0\"\u003e5.78.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erust:\u003c/strong\u003e initial implementation of rust support (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4200\"\u003e#4200\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/38798cc212e450f6369da3714c20eeced5a523a9\"\u003e38798cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.6...v5.77.7\"\u003e5.77.7\u003c/a\u003e (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency msgpackr to v2.0.2 [security] (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4202\"\u003e#4202\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/fbe04af1b3e9c7c9683229544914a54c5bb1f8d8\"\u003efbe04af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.5...v5.77.6\"\u003e5.77.6\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e81709e4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.4...v5.77.5\"\u003e5.77.5\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnection:\u003c/strong\u003e handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e411690e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.3...v5.77.4\"\u003e5.77.4\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ededuplication:\u003c/strong\u003e preserve custom jobId when requeuing keepLastIfActive proto-jobs (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4190\"\u003e#4190\u003c/a\u003e) fixes \u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4030\"\u003e#4030\u003c/a\u003e (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e6e4972e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/38798cc212e450f6369da3714c20eeced5a523a9\"\u003e\u003ccode\u003e38798cc\u003c/code\u003e\u003c/a\u003e feat(rust): initial implementation of rust support (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4200\"\u003e#4200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/a45e0d944255fb600dfb005a4f829c8999478349\"\u003e\u003ccode\u003ea45e0d9\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.7 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4203\"\u003e#4203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/fbe04af1b3e9c7c9683229544914a54c5bb1f8d8\"\u003e\u003ccode\u003efbe04af\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency msgpackr to v2.0.2 [security] (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4202\"\u003e#4202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/63c4054ab34d85c7c8d1fb620776d44aca45ae67\"\u003e\u003ccode\u003e63c4054\u003c/code\u003e\u003c/a\u003e chore(deps): update eslint to v8.60.0 [security] (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4192\"\u003e#4192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/d2c98509c5cab911d3d40de5a13668791473dbbc\"\u003e\u003ccode\u003ed2c9850\u003c/code\u003e\u003c/a\u003e chore(release): v5.77.6 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4199\"\u003e#4199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/1c99570ee26407bc6e6b3796a9989304affa624d\"\u003e\u003ccode\u003e1c99570\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.5 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4198\"\u003e#4198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e\u003ccode\u003e81709e4\u003c/code\u003e\u003c/a\u003e fix(types): change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e\u003ccode\u003e411690e\u003c/code\u003e\u003c/a\u003e fix(connection): handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/e7d7d874f615cc06a581332f3a6fb6db22da4fb9\"\u003e\u003ccode\u003ee7d7d87\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.4 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4197\"\u003e#4197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e\u003ccode\u003e6e4972e\u003c/code\u003e\u003c/a\u003e fix(deduplication): preserve custom jobId when requeuing keepLastIfActive pro...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.3...v5.78.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ioredis` from 5.10.1 to 5.11.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/luin/ioredis/releases\"\u003eioredis's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.11.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.11.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/redis/ioredis/blob/main/CHANGELOG.md\"\u003eioredis's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/fb224a7609b6d25959e06e31fdab2460d1f75691\"\u003e\u003ccode\u003efb224a7\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e\u003ccode\u003e131ee24\u003c/code\u003e\u003c/a\u003e fix: parse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003e\u003ccode\u003ec84b2ee\u003c/code\u003e\u003c/a\u003e fix(cluster): reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/14904327fc212d1f592172d776ebe45178fb7ee7\"\u003e\u003ccode\u003e1490432\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/5359d4d090c17f2ca1e86d92b139cd935ba4643d\"\u003e\u003ccode\u003e5359d4d\u003c/code\u003e\u003c/a\u003e refactor(utils): inline defaults and isArguments helpers (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2107\"\u003e#2107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003e\u003ccode\u003eb7b3def\u003c/code\u003e\u003c/a\u003e feat: add vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/faa53fdfae7f605c19bd74564639640f9d30d404\"\u003e\u003ccode\u003efaa53fd\u003c/code\u003e\u003c/a\u003e ci: update Node.js and Redis test matrix (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2119\"\u003e#2119\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e\u003ccode\u003e37d0695\u003c/code\u003e\u003c/a\u003e feat: add increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/612ee9dfe96c1df942eaa415ca94881077191b5c\"\u003e\u003ccode\u003e612ee9d\u003c/code\u003e\u003c/a\u003e chore: update Redis 8.8 test image to custom (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2118\"\u003e#2118\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003e\u003ccode\u003ebaf68d6\u003c/code\u003e\u003c/a\u003e feat: add array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tsx` from 4.22.3 to 4.22.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/privatenumber/tsx/releases\"\u003etsx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003e4.22.4\u003c/a\u003e (2026-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e1ce8463\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.4\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e\u003ccode\u003e1ce8463\u003c/code\u003e\u003c/a\u003e fix: resolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-core` from 16.9.1 to 16.9.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-core@16.9.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e42f0255: Support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003ea807798: Improve source API utils \u0026amp; types\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/34b75a0cfb8fd345f0ad04799630f8b329c2fe92\"\u003e\u003ccode\u003e34b75a0\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3324\"\u003e#3324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/73b9cec605ecd7f17b7faff8e9aafdb0d1ecab71\"\u003e\u003ccode\u003e73b9cec\u003c/code\u003e\u003c/a\u003e docs: fix build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/d35d0d6a43492f8a185889d92fa8af8a991761f2\"\u003e\u003ccode\u003ed35d0d6\u003c/code\u003e\u003c/a\u003e fix(mdx): respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a9f95ffbd913deac945bb420b6fb77589b7a7c8d\"\u003e\u003ccode\u003ea9f95ff\u003c/code\u003e\u003c/a\u003e chore: bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/783c048904305b4769293b047c27f9bd2ad9e31f\"\u003e\u003ccode\u003e783c048\u003c/code\u003e\u003c/a\u003e fix(preview): fix invalid content type in \u003ccode\u003e/img\u003c/code\u003e endpoint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/42f02559dabd35137b28c29597c10bd7dad90fea\"\u003e\u003ccode\u003e42f0255\u003c/code\u003e\u003c/a\u003e feat(core): support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a8077981c657305fe72b4db859768d4daa4f0488\"\u003e\u003ccode\u003ea807798\u003c/code\u003e\u003c/a\u003e fix(core): improve source API utils \u0026amp; types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8b1701942c336148141b9a8dd80bb110a4227f70\"\u003e\u003ccode\u003e8b17019\u003c/code\u003e\u003c/a\u003e docs: document LLM_GATEWAY_MODEL for Ask AI (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3319\"\u003e#3319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/cad622e541bdd38d552224f621f7ec1f5a257e25\"\u003e\u003ccode\u003ecad622e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3318\"\u003e#3318\u003c/a\u003e from smakosh/feat/llmgateway-ai-provider\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/ee98724b9a13df85331016f1f7079e4e41d82e40\"\u003e\u003ccode\u003eee98724\u003c/code\u003e\u003c/a\u003e fix(openapi): newer scalar client\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-core@16.9.1...fumadocs-core@16.9.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-mdx` from 15.0.8 to 15.0.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-mdx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-mdx@15.0.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed35d0d6: Respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [42f0255]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [a807798]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecd04425: Support \u003ccode\u003e_fumadocs_skipViteConfig\u003c/code\u003e internal flag\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/34b75a0cfb8fd345f0ad04799630f8b329c2fe92\"\u003e\u003ccode\u003e34b75a0\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3324\"\u003e#3324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/73b9cec605ecd7f17b7faff8e9aafdb0d1ecab71\"\u003e\u003ccode\u003e73b9cec\u003c/code\u003e\u003c/a\u003e docs: fix build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/d35d0d6a43492f8a185889d92fa8af8a991761f2\"\u003e\u003ccode\u003ed35d0d6\u003c/code\u003e\u003c/a\u003e fix(mdx): respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a9f95ffbd913deac945bb420b6fb77589b7a7c8d\"\u003e\u003ccode\u003ea9f95ff\u003c/code\u003e\u003c/a\u003e chore: bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/783c048904305b4769293b047c27f9bd2ad9e31f\"\u003e\u003ccode\u003e783c048\u003c/code\u003e\u003c/a\u003e fix(preview): fix invalid content type in \u003ccode\u003e/img\u003c/code\u003e endpoint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/42f02559dabd35137b28c29597c10bd7dad90fea\"\u003e\u003ccode\u003e42f0255\u003c/code\u003e\u003c/a\u003e feat(core): support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a8077981c657305fe72b4db859768d4daa4f0488\"\u003e\u003ccode\u003ea807798\u003c/code\u003e\u003c/a\u003e fix(core): improve source API utils \u0026amp; types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8b1701942c336148141b9a8dd80bb110a4227f70\"\u003e\u003ccode\u003e8b17019\u003c/code\u003e\u003c/a\u003e docs: document LLM_GATEWAY_MODEL for Ask AI (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3319\"\u003e#3319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/cad622e541bdd38d552224f621f7ec1f5a257e25\"\u003e\u003ccode\u003ecad622e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3318\"\u003e#3318\u003c/a\u003e from smakosh/feat/llmgateway-ai-provider\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/ee98724b9a13df85331016f1f7079e4e41d82e40\"\u003e\u003ccode\u003eee98724\u003c/code\u003e\u003c/a\u003e fix(openapi): newer scalar client\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-mdx@15.0.8...fumadocs-mdx@15.0.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-ui` from 16.9.1 to 16.9.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-ui's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-ui@16.9.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [42f0255]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [a807798]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/34b75a0cfb8fd345f0ad04799630f8b329c2fe92\"\u003e\u003ccode\u003e34b75a0\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3324\"\u003e#3324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/73b9cec605ecd7f17b7faff8e9aafdb0d1ecab71\"\u003e\u003ccode\u003e73b9cec\u003c/code\u003e\u003c/a\u003e docs: fix build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/d35d0d6a43492f8a185889d92fa8af8a991761f2\"\u003e\u003ccode\u003ed35d0d6\u003c/code\u003e\u003c/a\u003e fix(mdx): respect \u003ccode\u003eroot\u003c/code\u003e in Vite config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a9f95ffbd913deac945bb420b6fb77589b7a7c8d\"\u003e\u003ccode\u003ea9f95ff\u003c/code\u003e\u003c/a\u003e chore: bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/783c048904305b4769293b047c27f9bd2ad9e31f\"\u003e\u003ccode\u003e783c048\u003c/code\u003e\u003c/a\u003e fix(preview): fix invalid content type in \u003ccode\u003e/img\u003c/code\u003e endpoint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/42f02559dabd35137b28c29597c10bd7dad90fea\"\u003e\u003ccode\u003e42f0255\u003c/code\u003e\u003c/a\u003e feat(core): support \u003ccode\u003einvalidate\u003c/code\u003e \u0026amp; \u003ccode\u003erevalidate\u003c/code\u003e on dynamic loader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/a8077981c657305fe72b4db859768d4daa4f0488\"\u003e\u003ccode\u003ea807798\u003c/code\u003e\u003c/a\u003e fix(core): improve source API utils \u0026amp; types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8b1701942c336148141b9a8dd80bb110a4227f70\"\u003e\u003ccode\u003e8b17019\u003c/code\u003e\u003c/a\u003e docs: document LLM_GATEWAY_MODEL for Ask AI (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3319\"\u003e#3319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/cad622e541bdd38d552224f621f7ec1f5a257e25\"\u003e\u003ccode\u003ecad622e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3318\"\u003e#3318\u003c/a\u003e from smakosh/feat/llmgateway-ai-provider\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/ee98724b9a13df85331016f1f7079e4e41d82e40\"\u003e\u003ccode\u003eee98724\u003c/code\u003e\u003c/a\u003e fix(openapi): newer scalar client\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-ui@16.9.1...fumadocs-ui@16.9.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.16.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4376\"\u003elucide-icons/lucide#4376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(repo): Update issue templates and documentation for package ren… by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4379\"\u003elucide-icons/lucide#4379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Adds survey overlay to website by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4380\"\u003elucide-icons/lucide#4380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Certificate dev links by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4390\"\u003elucide-icons/lucide#4390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003emartini\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4335\"\u003elucide-icons/lucide#4335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4386\"\u003elucide-icons/lucide#4386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4404\"\u003elucide-icons/lucide#4404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump devalue from 5.8.0 to 5.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4391\"\u003elucide-icons/lucide#4391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ws from 8.18.0 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4392\"\u003elucide-icons/lucide#4392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(gh-icon): limit icon size to a maximum of 256 pixels by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4398\"\u003elucide-icons/lucide#4398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dependencies): Update dependencies by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4377\"\u003elucide-icons/lucide#4377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(copilot): Adding copilot instructions by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4407\"\u003elucide-icons/lucide#4407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003eglobe-check\u003c/code\u003e by \u003ca href=\"https://github.com/Barakudum\"\u003e\u003ccode\u003e@​Barakudum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4342\"\u003elucide-icons/lucide#4342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(metadata): Require use-cases in meta json by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4321\"\u003elucide-icons/lucide#4321\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eparasol\u003c/code\u003e icon by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4347\"\u003elucide-icons/lucide#4347\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.17.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `xstate` from 5.31.1 to 5.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/statelyai/xstate/releases\"\u003exstate's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003exstate@5.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/statelyai/xstate/pull/5512\"\u003e#5512\u003c/a\u003e \u003ca href=\"https://github.com/statelyai/xstate/commit/063416db859581b91fd661ae1a89b75a37fffa69\"\u003e\u003ccode\u003e063416d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/davidkpiano\"\u003e\u003ccode\u003e@​davidkpiano\u003c/code\u003e\u003c/a\u003e! - Export \u003ccode\u003eInspectedTransitionEvent\u003c/code\u003e from \u003ccode\u003exstate\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/statelyai/xstate/commit/ddca0ff8c53dc2e85f9173514cc686308d65bd2c\"\u003e\u003ccode\u003eddca0ff\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/statelyai/xstate/issues/5529\"\u003e#5529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/statelyai/xstate/commit/063416db859581b91fd661ae1a89b75a37fffa69\"\u003e\u003ccode\u003e063416d\u003c/code\u003e\u003c/a\u003e [\u003ccode\u003e@​xstate/store\u003c/code\u003e] Version 4 (\u003ca href=\"https://redirect.github.com/statelyai/xstate/issues/5512\"\u003e#5512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/statelyai/xstate/commit/d7fb9c6b4ce8ffc4f8ad33c10b656c7f7c0d78e7\"\u003e\u003ccode\u003ed7fb9c6\u003c/code\u003e\u003c/a\u003e Harden CI configs (\u003ca href=\"https://redirect.github.com/statelyai/xstate/issues/5527\"\u003e#5527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/statelyai/xstate/compare/xstate@5.31.1...xstate@5.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/query-core` from 5.100.14 to 5.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/query-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/query-core/CHANGELOG.md\"\u003e@​tanstack/query-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.101.0\u003c/h2\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a\"\u003e\u003ccode\u003ef3d8d2a\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/query-core/issues/10774\"\u003e#10774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324\"\u003e\u003ccode\u003e532bb29\u003c/code\u003e\u003c/a\u003e fix(tests): disable local coverage instrumentation (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/query-core/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/query-core@5.101.0/packages/query-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/estree` from 1.0.8 to 1.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/estree\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `baseline-browser-mapping` from 2.10.32 to 2.10.33\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/releases\"\u003ebaseline-browser-mapping's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.3 - remove \u003ccode\u003eprocess.loadEnvFile()\u003c/code\u003e\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process.loadEnfFile() from main script by \u003ca href=\"https://github.com/tonypconway\"\u003e\u003ccode\u003e@​tonypconway\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/web-platform-dx/baseline-browser-mapping/pull/112\"\u003eweb-platform-dx/baseline-browser-mapping#112\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/compare/v2.9.2...v2.9.3\"\u003ehttps://github.com/web-platform-dx/baseline-browser-mapping/compare/v2.9.2...v2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/commit/2ed6553b7c98b432110f5f2e884fc0649b28ee7e\"\u003e\u003ccode\u003e2ed6553\u003c/code\u003e\u003c/a\u003e Patch to 2.10.33 because browser or feature data changed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/commit/260b8c7073a31ba718133afba1f3f0ff31f34e76\"\u003e\u003ccode\u003e260b8c7\u003c/code\u003e\u003c/a\u003e Browser or feature data changed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/commit/f22daa7705ea2d9f3636b1a0f9650bee84c7b2a6\"\u003e\u003ccode\u003ef22daa7\u003c/code\u003e\u003c/a\u003e Updating static site\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/web-platform-dx/baseline-browser-mapping/compare/v2.10.32...v2.10.33\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cluster-key-slot` from 1.1.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/Salakar/cluster-key-slot/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hasown` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/inspect-js/hasOwn/blob/main/CHANGELOG.md\"\u003ehasown's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/compare/v2.0.3...v2.0.4\"\u003ev2.0.4\u003c/a\u003e - 2026-05-28\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[types] drop the dead key-narrowing overload \u003ca href=\"https://github.com/inspect-js/hasOwn/commit/fdab00e2703e65411424e19bf86a7e72a8f10da9\"\u003e\u003ccode\u003efdab00e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/inspect-js/hasOwn/commit/91f624768dd0f7db0d019b89d4d86bd66e20ec30\"\u003e\u003ccode\u003e91f6247\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/commit/97f3a857d30d06e4081626ea6e5e3c00023627ff\"\u003e\u003ccode\u003e97f3a85\u003c/code\u003e\u003c/a\u003e v2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/commit/fdab00e2703e65411424e19bf86a7e72a8f10da9\"\u003e\u003ccode\u003efdab00e\u003c/code\u003e\u003c/a\u003e [types] drop the dead key-narrowing overload\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inspect-js/hasOwn/commit/91f624768dd0f7db0d019b89d4d86bd66e20ec30\"\u003e\u003ccode\u003e91f6247\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/inspect-js/hasOwn/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.2.0] - 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003edocs/safety.md\u003c/code\u003e with notes about processing untrusted YAML.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxDepth\u003c/code\u003e (100) loader option. Not a problem, but gives a better\nexception instead of RangeError on stack overflow.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxMergeSeqLength\u003c/code\u003e (20) loader option. Not a problem after \u003ccode\u003emerge\u003c/code\u003e fix,\nbut an additional restriction for safety.\u003c/li\u003e\n\u003cli\u003eAdded sourcemaps to \u003ccode\u003edist/\u003c/code\u003e builds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStop resolving numbers with underscores as numeric scalars, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/627\"\u003e#627\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eSwitched dev toolchains to Vite / neostandard.\u003c/li\u003e\n\u003cli\u003eUpdated demo.\u003c/li\u003e\n\u003cli\u003eReorganized tests.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edist/\u003c/code\u003e files are no longer kept in the repository.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix parsing of properties on the first implicit block mapping key, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/62\"\u003e#62\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix trailing whitespace handling when folding flow scalar lines, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReject top-level block scalars without content indentation, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/280\"\u003e#280\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsure numbers survive round-trip, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/737\"\u003e#737\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix test coverage for issue \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/221\"\u003e#221\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix flow scalar trailing whitespace folding, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix digits in YAML named tag handles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential DoS via quadratic complexity in merge - deduplicate repeated\nelements (makes sense for malformed files \u0026gt; 10K).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.7.2 to 0.7.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(google-adk): add wrapt dependency by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2436\"\u003elangchain-ai/langsmith-sdk#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: lock dependencies by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2439\"\u003elangchain-ai/langsmith-sdk#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.4 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2441\"\u003elangchain-ai/langsmith-sdk#2441\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1132e6ce6391d08158a93acb5c96b90521ac3230\"\u003e\u003ccode\u003e1132e6c\u003c/code\u003e\u003c/a\u003e release(py): 0.7.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2441\"\u003e#2441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8c7cc783806e4a6d71300982d58ecb3c9bc658cd\"\u003e\u003ccode\u003e8c7cc78\u003c/code\u003e\u003c/a\u003e chore: lock dependencies (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2439\"\u003e#2439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/62c256ea56fdee0bc539275c749a427e510ded8f\"\u003e\u003ccode\u003e62c256e\u003c/code\u003e\u003c/a\u003e fix(google-adk): add wrapt dependency (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2436\"\u003e#2436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/e32d4c18a681553f47c93350f03dc0a0f0cc4890\"\u003e\u003ccode\u003ee32d4c1\u003c/code\u003e\u003c/a\u003e release(py): 0.7.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2428\"\u003e#2428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1c51bf881dafaeb01432db629de7cafaabca79dc\"\u003e\u003ccode\u003e1c51bf8\u003c/code\u003e\u003c/a\u003e chore(python): openai agents: delay span start for spans without inputs on st...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/a41bf22dadaea489a156dc06a9d0fbf1a977ff6d\"\u003e\u003ccode\u003ea41bf22\u003c/code\u003e\u003c/a\u003e fix: propagate tracingEnabled to nested traceables (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2427\"\u003e#2427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `msgpackr` from 2.0.1 to 2.0.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kriszyp/msgpackr/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `property-information` from 7.1.0 to 7.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wooorm/property-information/releases\"\u003eproperty-information's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.0\u003c/h2\u003e\n\u003ch4\u003eAdd\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ecb86e8b Add new properties\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e992bfbc Add \u003ccode\u003enumber\u003c/code\u003e for \u003ccode\u003ecolSpan\u003c/code\u003e\nby \u003ca href=\"https://github.com/johanrd\"\u003e\u003ccode\u003e@​johanrd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/wooorm/property-information/pull/26\"\u003ewooorm/property-information#26\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/wooorm/property-information/compare/7.1.0...7.2.0\"\u003ehttps://github.com/wooorm/property-information/compare/7.1.0...7.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/f6f547b1ab52429dba18dcee19fd1ef4c1212b78\"\u003e\u003ccode\u003ef6f547b\u003c/code\u003e\u003c/a\u003e 7.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/992bfbcb8429c7df18ea112dc709d8f68391d459\"\u003e\u003ccode\u003e992bfbc\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003enumber\u003c/code\u003e for \u003ccode\u003ecolSpan\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/08391519b27e6dd90fe930247c248f1fc4e6f380\"\u003e\u003ccode\u003e0839151\u003c/code\u003e\u003c/a\u003e Update dev-dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/cb86e8b0fd8c548dddae250ce4840555c8b8e0bf\"\u003e\u003ccode\u003ecb86e8b\u003c/code\u003e\u003c/a\u003e Add new properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/83ece0950e1f641eb30648031d743d5995d8b519\"\u003e\u003ccode\u003e83ece09\u003c/code\u003e\u003c/a\u003e Update actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/930b589686345c2ce28d82073fd67e6aee861471\"\u003e\u003ccode\u003e930b589\u003c/code\u003e\u003c/a\u003e Add missing JSDoc description\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wooorm/property-information/commit/a2822cf193374df7057c62c8fa3a18f9917be9d9\"\u003e\u003ccode\u003ea2822cf\u003c/code\u003e\u003c/a\u003e Update dev-dependencies\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/wooorm/property-information/compare/7.1.0...7.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shiki` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/shikijs/shiki/releases\"\u003eshiki's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e@​shikijs/stream\u003c/code\u003e and \u003ccode\u003e@​shikijs/magic-move\u003c/code\u003e packages  -  by \u003ca href=\"https://github.com/antfu\"\u003e\u003ccode\u003e@​antfu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/shikijs/shiki/issues/1283\"\u003eshikijs/shiki#1283\u003c/a\u003e \u003ca href=\"https://github.com/shikijs/shiki/commit/d031f9b6\"\u003e\u003c!-- raw HTML omitted --\u003e(d031f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etransformers\u003c/strong\u003e: Handle YAML comment prefixes correctly for v3  -  by \u003ca href=\"https://github.com/AkaHarshit\"\u003e\u003ccode\u003e@​AkaHarshit\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/shikijs/shiki/issues/1266\"\u003eshikijs/shiki#1266\u003c/a\u003e \u003ca href=\"https://github.com/shikijs/shiki/commit/f694a725\"\u003e\u003c!-- raw HTML omitted --\u003e(f694a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evitepress-twoslash\u003c/strong\u003e: Scroll blocking on mobile viewports  -  by \u003ca href=\"https://github.com/micaiguai\"\u003e\u003ccode\u003e@​micaiguai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/shikijs/shiki/issues/1262\"\u003eshikijs/shiki#1262\u003c/a\u003e \u003ca href=\"https://github.com/shikijs/shiki/commit/9e0e89c8\"\u003e\u003c!-- raw HTML omitted --\u003e(9e0e8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/shikijs/shiki/compare/v4.1.0...v4.2.0\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/shikijs/shiki/commit/1d56dae84801bad3a48dc7104437fbc21819ee4c\"\u003e\u003ccode\u003e1d56dae\u003c/code\u003e\u003c/a\u003e chore: release v4.2.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tinyglobby` from 0.2.16 to 0.2.17\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/releases\"\u003etinyglobby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.2.17\u003c/h2\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled staged publishing for stronger supply-chain security\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaults when \u003ccode\u003eundefined\u003c/code\u003e is passed to any of the options by \u003ca href=\"https://github.com/chloeelim\"\u003e\u003ccode\u003e@​chloeelim\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrive-relative paths on Windows by \u003ca href=\"https://github.com/Andrej730\"\u003e\u003ccode\u003e@​Andrej730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFileSystemAdapter\u003c/code\u003e is now exported again\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eConsider \u003ca href=\"https://github.com/sponsors/SuperchupuDev\"\u003esponsoring\u003c/a\u003e if you'd like to support the development of this project and the goal of reaching a lighter and faster ecosystem\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/blob/main/CHANGELOG.md\"\u003etinyglobby's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/compare/0.2.16...0.2.17\"\u003e0.2.17\u003c/a\u003e\u003c/h3\u003e\n\u003ch4\u003eChanged\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled staged publishing for stronger supply-chain security\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDefaults when \u003ccode\u003eundefined\u003c/code\u003e is passed to any of the options by \u003ca href=\"https://github.com/chloeelim\"\u003echloeelim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrive-relative paths on Windows by \u003ca href=\"https://github.com/Andrej730\"\u003eAndrej730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFileSystemAdapter\u003c/code\u003e is now exported again\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/f80cb8448dc5058f38bc25642375c1934112c7ba\"\u003e\u003ccode\u003ef80cb84\u003c/code\u003e\u003c/a\u003e release 0.2.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/d5d1ce34aa59ce6a3e8271236c109fbeb50bac27\"\u003e\u003ccode\u003ed5d1ce3\u003c/code\u003e\u003c/a\u003e enable staged publishes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/ec39d486d02eb799d86bda52e5d33618adff28f3\"\u003e\u003ccode\u003eec39d48\u003c/code\u003e\u003c/a\u003e Update all non-major dependencies (\u003ca href=\"https://redirect.github.com/SuperchupuDev/tinyglobby/issues/204\"\u003e#204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/d618ed47f84e7c01a0cf2d7dae72ad053f6524dc\"\u003e\u003ccode\u003ed618ed4\u003c/code\u003e\u003c/a\u003e improve benchmark infra\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/dd10cb2d3f076c5fb53333835c9a1643d22d62a9\"\u003e\u003ccode\u003edd10cb2\u003c/code\u003e\u003c/a\u003e disable cache in publish workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/749694d90ff3b21e746d5ada1ed5ad4790db6a6d\"\u003e\u003ccode\u003e749694d\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eminimumReleaseAge\u003c/code\u003e in renovate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/937a0c79ad6d58f6e12f1b96de8f8f80daf9ed98\"\u003e\u003ccode\u003e937a0c7\u003c/code\u003e\u003c/a\u003e remove \u003ccode\u003e.vscode\u003c/code\u003e folder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/298769ae536876db3eed1bc75f2515f5348e36d4\"\u003e\u003ccode\u003e298769a\u003c/code\u003e\u003c/a\u003e fix alt text in readme (\u003ca href=\"https://redirect.github.com/SuperchupuDev/tinyglobby/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/8927f0a2fef3a6ea13da7fbc1b20041b92574bfc\"\u003e\u003ccode\u003e8927f0a\u003c/code\u003e\u003c/a\u003e run ci on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/commit/e8519ee10a0c8df836d1076f9f0a80763b7ae07b\"\u003e\u003ccode\u003ee8519ee\u003c/code\u003e\u003c/a\u003e Update all non-major dependencies (\u003ca href=\"https://redirect.github.com/SuperchupuDev/tinyglobby/issues/195\"\u003e#195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SuperchupuDev/tinyglobby/compare/0.2.16...0.2.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 8.0.14 to 8.0.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.16\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.16/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.15/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.15...v8.0.16\"\u003e8.0.16\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e50b9512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003edc245c7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.14...v8.0.15\"\u003e8.0.15\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esend 408 on request timeout (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22476\"\u003e#22476\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c85c9eeb9aaf41f477b48b057146887bd5620797\"\u003ec85c9ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.3 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22538\"\u003e#22538\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e646dbed\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecapitalize error messages and remove spurious space in parse error (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22488\"\u003e#22488\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e85a0eff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22511\"\u003e#22511\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e2686d7d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e fix html-proxy cache key mismatch for /@fs/ HTML paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21762\"\u003e#21762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/47c4213f134f562c41ed7c031e4788510cf7e31e\"\u003e47c4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eglob:\u003c/strong\u003e error on relative glob in virtual module when no files match (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22497\"\u003e#22497\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5c8e98f8b584ac5d42f0f9b8580c49792213b13c\"\u003e5c8e98f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoptimizer:\u003c/strong\u003e close the rolldown bundle when write() rejects (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22528\"\u003e#22528\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003ee3cfb9d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eresolve:\u003c/strong\u003e provide onWarn for viteResolvePlugin in JS plugin containers (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22509\"\u003e#22509\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/40985f1c09b7696e594e6c5695fbc315d2da2c83\"\u003e40985f1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22566\"\u003e#22566\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e3052a67\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecorrect logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22562\"\u003e#22562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e6978a9c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f94df87ff03b40b65e29bacdc04cc18c7bccaa4a\"\u003e\u003ccode\u003ef94df87\u003c/code\u003e\u003c/a\u003e release: v8.0.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003e\u003ccode\u003edc245c7\u003c/code\u003e\u003c/a\u003e fix: reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e\u003ccode\u003e50b9512\u003c/code\u003e\u003c/a\u003e fix(deps): reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8d1b0195fd186d0b3297d7cd17acff6c96797420\"\u003e\u003ccode\u003e8d1b019\u003c/code\u003e\u003c/a\u003e release: v8.0.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e\u003ccode\u003e2686d7d\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22511\"\u003e#22511\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e\u003ccode\u003e3052a67\u003c/code\u003e\u003c/a\u003e chore(deps): update rolldown-related dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22566\"\u003e#22566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003e\u003ccode\u003ee3cfb9d\u003c/code\u003e\u003c/a\u003e fix(optimizer): close the rolldown bundle when write() rejects (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22528\"\u003e#22528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e\u003ccode\u003e6978a9c\u003c/code\u003e\u003c/a\u003e refactor: correct logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22562\"\u003e#22562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e\u003ccode\u003e646dbed\u003c/code\u003e\u003c/a\u003e feat: update rolldown to 1.0.3 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22538\"\u003e#22538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e\u003ccode\u003e85a0eff\u003c/code\u003e\u003c/a\u003e fix: capitalize error messages and remove spurious space in parse error (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22488\"\u003e#22488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v8.0.16/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/shchilkin/PopChoice/pull/679","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/shchilkin%2FPopChoice/issues/679","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/679/packages"}},{"old_version":"0.6.0","new_version":"0.7.4","update_type":"minor","path":null,"pr_created_at":"2026-06-03T03:37:59.000Z","version_change":"0.6.0 → 0.7.4","issue":{"uuid":"4576664740","node_id":"PR_kwDOLCxMKc7iDhg7","number":2476,"state":"open","title":"chore(deps): bump the langchain group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-03T03:37:59.000Z","updated_at":"2026-06-03T19:58:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"langchain","update_count":8,"packages":[{"name":"@langchain/anthropic","old_version":"1.3.28","new_version":"1.4.0","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/core","old_version":"1.1.44","new_version":"1.1.48","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langchain","old_version":"1.4.0-dev-1777615538778","new_version":"1.4.4","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/openai","old_version":"1.4.5","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/groq","old_version":"1.2.0","new_version":"1.2.1","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/mistralai","old_version":"1.0.8","new_version":"1.1.0","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/classic","old_version":"1.0.32","new_version":"1.0.34","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langsmith","old_version":"0.6.0","new_version":"0.7.4","repository_url":"https://github.com/langchain-ai/langsmith-sdk"}],"path":null,"ecosystem":"npm"},"body":"Bumps the langchain group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@langchain/anthropic](https://github.com/langchain-ai/langchainjs) | `1.3.28` | `1.4.0` |\n| [@langchain/core](https://github.com/langchain-ai/langchainjs) | `1.1.44` | `1.1.48` |\n| [langchain](https://github.com/langchain-ai/langchainjs) | `1.4.0-dev-1777615538778` | `1.4.4` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.4.5` | `1.4.7` |\n| [@langchain/groq](https://github.com/langchain-ai/langchainjs) | `1.2.0` | `1.2.1` |\n| [@langchain/mistralai](https://github.com/langchain-ai/langchainjs) | `1.0.8` | `1.1.0` |\n| [@langchain/classic](https://github.com/langchain-ai/langchainjs) | `1.0.32` | `1.0.34` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.6.0` | `0.7.4` |\n\n\nUpdates `@langchain/anthropic` from 1.3.28 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/anthropic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10777\"\u003e#10777\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/0cfcfc66897d8fafeb7e7ed90b7299eace9a7c37\"\u003e\u003ccode\u003e0cfcfc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jonaslalin\"\u003e\u003ccode\u003e@​jonaslalin\u003c/code\u003e\u003c/a\u003e! - feat(anthropic): support strict tool calling for custom tools\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/anthropic@1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/core` from 1.1.44 to 1.1.48\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.48\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10832\"\u003e#10832\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b24369a970ad6f56f1f428027f48601f87e62eb\"\u003e\u003ccode\u003e1b24369\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/info-arnav\"\u003e\u003ccode\u003e@​info-arnav\u003c/code\u003e\u003c/a\u003e! - fix(core, openrouter): make CJS default re-exports callable\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10666\"\u003e#10666\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2bb55b053f49f89e81e3252a7af08e86d71ddd95\"\u003e\u003ccode\u003e2bb55b0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hnustwjj\"\u003e\u003ccode\u003e@​hnustwjj\u003c/code\u003e\u003c/a\u003e! - feat(openrouter): surface reasoning content as v1 standard content blocks\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econvertOpenRouterResponseToBaseMessage\u003c/code\u003e and\n\u003ccode\u003econvertOpenRouterDeltaToBaseMessageChunk\u003c/code\u003e now copy OpenRouter's\n\u003ccode\u003ereasoning\u003c/code\u003e (flat string) and \u003ccode\u003ereasoning_details\u003c/code\u003e (structured array) fields\nonto \u003ccode\u003eadditional_kwargs.reasoning_content\u003c/code\u003e / \u003ccode\u003eadditional_kwargs.reasoning_details\u003c/code\u003e.\nA new \u003ccode\u003eChatOpenRouterTranslator\u003c/code\u003e is registered in \u003ccode\u003e@langchain/core\u003c/code\u003e under\nthe \u003ccode\u003e\u0026quot;openrouter\u0026quot;\u003c/code\u003e provider key so \u003ccode\u003eAIMessage.contentBlocks\u003c/code\u003e emits standard\n\u003ccode\u003e{type: \u0026quot;reasoning\u0026quot;}\u003c/code\u003e blocks alongside text and tool calls.\u003c/p\u003e\n\u003cp\u003ePreviously, reasoning text returned by reasoning-capable models routed\nthrough OpenRouter (DeepSeek R1, Minimax M2, Claude extended thinking,\no-series, etc.) was silently dropped: only the \u003ccode\u003ereasoning_tokens\u003c/code\u003e count\nwas preserved via \u003ccode\u003eusage_metadata\u003c/code\u003e. Consumers using standard content blocks\n(including the frontend agent UI patterns shown in the docs) could not\ndisplay the model's chain of thought.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10918\"\u003e#10918\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): stream custom tool calls through Responses API chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.47\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10906\"\u003e#10906\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f61b3450f275831e47e69c08899b4a2b67b4bdb3\"\u003e\u003ccode\u003ef61b345\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - feat(core): add uuid v6 utility support\u003c/p\u003e\n\u003cp\u003eAdd \u003ccode\u003ev6\u003c/code\u003e UUID generation support to \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e by vendoring the upstream uuidjs \u003ccode\u003ev6\u003c/code\u003e implementation and its \u003ccode\u003ev1ToV6\u003c/code\u003e helper, exporting \u003ccode\u003ev6\u003c/code\u003e from the UUID utils index, and adding tests for deterministic generation, buffer/offset behavior, validation/versioning, and ordering.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10792\"\u003e#10792\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3682268cd1844b2573b01f07bee367e21cb7bdc7\"\u003e\u003ccode\u003e3682268\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): apply v1 message casting after implicit streaming aggregation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10901\"\u003e#10901\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(testing): share fakeModel invocation state across bindTools instances\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.46\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10847\"\u003e#10847\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1659e7d36e31e315c890fa98f43db887f7a2d52b\"\u003e\u003ccode\u003e1659e7d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(core): reduce transitive dependency exposure and tighten release hygiene\u003c/p\u003e\n\u003cp\u003eRemove direct runtime dependencies on \u003ccode\u003eansi-styles\u003c/code\u003e, \u003ccode\u003ecamelcase\u003c/code\u003e, and \u003ccode\u003edecamelize\u003c/code\u003e\nby inlining equivalent logic in core internals, and enable npm provenance in the\nrelease workflow.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10790\"\u003e#10790\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/ef78bc6a21f9a8808ba95c98db2023f0a6b51bcc\"\u003e\u003ccode\u003eef78bc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): keep different content block types separate when merging chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/core@1.1.48\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langchain` from 1.4.0-dev-1777615538778 to 1.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003elangchain's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003elangchain@1.4.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10900\"\u003e#10900\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/6bbddca1f8f7f280583fd839bb40c00bf19a0d51\"\u003e\u003ccode\u003e6bbddca\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(langchain): unwrap tool message outputs in agent streams\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10706\"\u003e#10706\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/4ecb6606feae3156a07de67e39e2027f857c476e\"\u003e\u003ccode\u003e4ecb660\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/JadenKim-dev\"\u003e\u003ccode\u003e@​JadenKim-dev\u003c/code\u003e\u003c/a\u003e! - fix(langchain): set name on todoListMiddleware ToolMessages\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003elangchain@1.4.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10879\"\u003e#10879\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/eb480cb6df8e0fa792826155bfa00a6db4536444\"\u003e\u003ccode\u003eeb480cb\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/vignesh-gep\"\u003e\u003ccode\u003e@​vignesh-gep\u003c/code\u003e\u003c/a\u003e! - fix(langchain/createAgent): throw on terminal \u003ccode\u003eproviderStrategy\u003c/code\u003e parse failure instead of silently resolving with \u003ccode\u003estructuredResponse: undefined\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eWhen \u003ccode\u003ecreateAgent\u003c/code\u003e was configured with \u003ccode\u003eresponseFormat\u003c/code\u003e resolving to a \u003ccode\u003eproviderStrategy\u003c/code\u003e (either passed explicitly or auto-promoted from a bare Zod / JSON schema for models whose profile reports \u003ccode\u003estructuredOutput: true\u003c/code\u003e), and the model produced a terminal response (no \u003ccode\u003etool_calls\u003c/code\u003e) whose text could not be JSON-parsed or did not satisfy the schema, the agent silently exited with no \u003ccode\u003estructuredResponse\u003c/code\u003e, surfacing later as \u003ccode\u003eTypeError: Cannot read properties of undefined\u003c/code\u003e. The agent now throws a \u003ccode\u003eStructuredOutputParsingError\u003c/code\u003e in that case while still allowing the agent loop to continue when tool calls are present. Closes \u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10878\"\u003e#10878\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10160\"\u003e#10160\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/bba900c7c8781c7efec856d5d3e539a93f14e797\"\u003e\u003ccode\u003ebba900c\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/JadenKim-dev\"\u003e\u003ccode\u003e@​JadenKim-dev\u003c/code\u003e\u003c/a\u003e! - fix(langchain): prevent llmToolSelectorMiddleware from leaking into message stream\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/openai@1.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/openai` from 1.4.5 to 1.4.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10918\"\u003e#10918\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): stream custom tool calls through Responses API chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10791\"\u003e#10791\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/fce9ab418901323618fdfaaa9fc350fa1c0d50e0\"\u003e\u003ccode\u003efce9ab4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(openai): preserve top-level Responses API ids on AI messages\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10902\"\u003e#10902\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): preserve v1 assistant tool calls\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10895\"\u003e#10895\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/36fb0ef1dc76c096dcfa0c777e10c9f9365a5240\"\u003e\u003ccode\u003e36fb0ef\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/BertBR\"\u003e\u003ccode\u003e@​BertBR\u003c/code\u003e\u003c/a\u003e! - fix(openai): guard bare \u003ccode\u003eJSON.parse\u003c/code\u003e in Responses API converter against trailing non-whitespace characters\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econvertResponsesDeltaToChatGenerationChunk\u003c/code\u003e previously called \u003ccode\u003eJSON.parse(msg.text)\u003c/code\u003e directly when \u003ccode\u003eresponse.text.format.type === \u0026quot;json_schema\u0026quot;\u003c/code\u003e. Some models (observed with \u003ccode\u003egpt-5-mini\u003c/code\u003e on \u003ccode\u003eservice_tier: \u0026quot;auto\u0026quot;\u003c/code\u003e) intermittently emit trailing non-whitespace characters (extra tokens, control characters) after a valid JSON object, causing a \u003ccode\u003eSyntaxError\u003c/code\u003e that propagates as an unhandled exception and kills the entire streaming response mid-flight. The parse is now wrapped in a \u003ccode\u003etry\u003c/code\u003e/\u003ccode\u003ecatch\u003c/code\u003e: on failure, \u003ccode\u003eadditional_kwargs.parsed\u003c/code\u003e is left undefined, the stream completes normally, and the existing \u003ccode\u003ewithStructuredOutput\u003c/code\u003e pipeline handles the typed failure — \u003ccode\u003eincludeRaw: true\u003c/code\u003e returns \u003ccode\u003e{ raw, parsed: null }\u003c/code\u003e via its \u003ccode\u003ewithFallbacks\u003c/code\u003e wrapper, \u003ccode\u003eincludeRaw: false\u003c/code\u003e throws a typed \u003ccode\u003eOutputParserException\u003c/code\u003e that the caller can catch and retry. Closes \u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10894\"\u003e#10894\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/openai@1.4.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/groq` from 1.2.0 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/groq's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/groq\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b19e4f84d747b481879363b4884c20eb1c0f1a4\"\u003e\u003ccode\u003e1b19e4f\u003c/code\u003e\u003c/a\u003e chore: version packages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/426e3aba21016d9ee070c3d130f74ae0047c9ce5\"\u003e\u003ccode\u003e426e3ab\u003c/code\u003e\u003c/a\u003e chore: fix uuid changeset (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10916\"\u003e#10916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/245c98216ce4a6c4340954711a7ad60203283424\"\u003e\u003ccode\u003e245c982\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10914\"\u003e#10914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/126dac5a7a2fac5978448185893038ac8ea6d994\"\u003e\u003ccode\u003e126dac5\u003c/code\u003e\u003c/a\u003e chore(deps): bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10912\"\u003e#10912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1abe24becdddce94c5bd2acfaf920b60a683f22b\"\u003e\u003ccode\u003e1abe24b\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10913\"\u003e#10913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e fix(openai): preserve v1 assistant tool calls (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10902\"\u003e#10902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e fix(core): share fakeModel invocation state across bindTools instances (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10901\"\u003e#10901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a0cd7477e59677c8d15e0e70b374afa0a2410582\"\u003e\u003ccode\u003ea0cd747\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.1.9 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10910\"\u003e#10910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b208e625865fc7487876b652f479dbf854263e68\"\u003e\u003ccode\u003eb208e62\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10909\"\u003e#10909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f7e50fb8b98bd9969c0f5cf0967a06df15453453\"\u003e\u003ccode\u003ef7e50fb\u003c/code\u003e\u003c/a\u003e feat(google): Service tier and custom headers (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10704\"\u003e#10704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/groq@1.2.0...@langchain/groq@1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/mistralai` from 1.0.8 to 1.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/mistralai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/mistralai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10873\"\u003e#10873\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a74d574f7f086bea2f5c7a852e869f7d24be2f55\"\u003e\u003ccode\u003ea74d574\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/baptistejamin\"\u003e\u003ccode\u003e@​baptistejamin\u003c/code\u003e\u003c/a\u003e! - chore(mistralai): upgrade to \u003ccode\u003e@​mistralai/mistralai\u003c/code\u003e v2\u003c/p\u003e\n\u003cp\u003eAlso populates \u003ccode\u003eresponse_metadata.model\u003c/code\u003e on chat completions (was missing before).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/caad0914f068477293009dbf27a220fa96bdc4b8\"\u003e\u003ccode\u003ecaad091\u003c/code\u003e\u003c/a\u003e chore: version packages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10919\"\u003e#10919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f4a6149e3e754203f5886dd8c2bccaa7a6fd4f81\"\u003e\u003ccode\u003ef4a6149\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10926\"\u003e#10926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/7b12f6dfa537932073f96b561d7c851b30d69132\"\u003e\u003ccode\u003e7b12f6d\u003c/code\u003e\u003c/a\u003e chore(deps): bump protobufjs from 7.5.6 to 7.6.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10930\"\u003e#10930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/5c6c5fef0cb392e782675ca5926e291a4295a653\"\u003e\u003ccode\u003e5c6c5fe\u003c/code\u003e\u003c/a\u003e chore(deps): bump ws from 5.2.4 to 8.20.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10915\"\u003e#10915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a8652ceeb5e36434565c96fc1a6bd9a4a36304cc\"\u003e\u003ccode\u003ea8652ce\u003c/code\u003e\u003c/a\u003e docs: fix typos, add Ollama setup, update outdated references (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10922\"\u003e#10922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2bb55b053f49f89e81e3252a7af08e86d71ddd95\"\u003e\u003ccode\u003e2bb55b0\u003c/code\u003e\u003c/a\u003e feat(openrouter): surface reasoning as v1 standard content blocks (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10666\"\u003e#10666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/4ecb6606feae3156a07de67e39e2027f857c476e\"\u003e\u003ccode\u003e4ecb660\u003c/code\u003e\u003c/a\u003e fix(langchain): set name on todoListMiddleware ToolMessages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10706\"\u003e#10706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/20f27dff08a4bd5a1a16c1c71a88405c9df82914\"\u003e\u003ccode\u003e20f27df\u003c/code\u003e\u003c/a\u003e fix(ibm): handle API errors in streaming responses (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10721\"\u003e#10721\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/45668734c3205e631cdd33ac071bbf733f4558c7\"\u003e\u003ccode\u003e4566873\u003c/code\u003e\u003c/a\u003e feat(ibm): add integration test to IBM implementation (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10732\"\u003e#10732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/6e4337fec1a7707c1a1c709a7b6aa0c5efb7b11d\"\u003e\u003ccode\u003e6e4337f\u003c/code\u003e\u003c/a\u003e fix(aws): add claude-haiku-4 to supportedToolChoiceValuesForModel (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10743\"\u003e#10743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/classic@1.0.8...@langchain/mistralai@1.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/classic` from 1.0.32 to 1.0.34\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/classic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/classic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.34\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/fce9ab418901323618fdfaaa9fc350fa1c0d50e0\"\u003e\u003ccode\u003efce9ab4\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.7\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/classic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.33\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/36fb0ef1dc76c096dcfa0c777e10c9f9365a5240\"\u003e\u003ccode\u003e36fb0ef\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​langchain/openai\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langchainjs/commits/@langchain/classic@1.0.34\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.6.0 to 0.7.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(google-adk): add wrapt dependency by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2436\"\u003elangchain-ai/langsmith-sdk#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: lock dependencies by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2439\"\u003elangchain-ai/langsmith-sdk#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.4 by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2441\"\u003elangchain-ai/langsmith-sdk#2441\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.3...v0.7.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1132e6ce6391d08158a93acb5c96b90521ac3230\"\u003e\u003ccode\u003e1132e6c\u003c/code\u003e\u003c/a\u003e release(py): 0.7.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2441\"\u003e#2441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8c7cc783806e4a6d71300982d58ecb3c9bc658cd\"\u003e\u003ccode\u003e8c7cc78\u003c/code\u003e\u003c/a\u003e chore: lock dependencies (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2439\"\u003e#2439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/62c256ea56fdee0bc539275c749a427e510ded8f\"\u003e\u003ccode\u003e62c256e\u003c/code\u003e\u003c/a\u003e fix(google-adk): add wrapt dependency (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2436\"\u003e#2436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/e32d4c18a681553f47c93350f03dc0a0f0cc4890\"\u003e\u003ccode\u003ee32d4c1\u003c/code\u003e\u003c/a\u003e release(py): 0.7.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2428\"\u003e#2428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1c51bf881dafaeb01432db629de7cafaabca79dc\"\u003e\u003ccode\u003e1c51bf8\u003c/code\u003e\u003c/a\u003e chore(python): openai agents: delay span start for spans without inputs on st...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/a41bf22dadaea489a156dc06a9d0fbf1a977ff6d\"\u003e\u003ccode\u003ea41bf22\u003c/code\u003e\u003c/a\u003e fix: propagate tracingEnabled to nested traceables (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2427\"\u003e#2427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3a6e9dac4bf3a940f7ee47e420cc1422f9f4a4b4\"\u003e\u003ccode\u003e3a6e9da\u003c/code\u003e\u003c/a\u003e release(py): 0.7.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/f665e865e7ab7a0ba1de447f2a1cf14c719af00a\"\u003e\u003ccode\u003ef665e86\u003c/code\u003e\u003c/a\u003e feat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2423\"\u003e#2423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/565c4a2c5769e698ecffbf7f43131ff9cc467f8d\"\u003e\u003ccode\u003e565c4a2\u003c/code\u003e\u003c/a\u003e feat(python): add feedback config CRUD and annotation queue rubric items (clo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/e1b1fe13c382371ebe4cffa1b95eba3bf74e2f37\"\u003e\u003ccode\u003ee1b1fe1\u003c/code\u003e\u003c/a\u003e release(js): 0.5.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2422\"\u003e#2422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.6.0...v0.7.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/langchain-ai/langgraphjs/pull/2476","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/langchain-ai%2Flanggraphjs/issues/2476","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2476/packages"}},{"old_version":"0.3.74","new_version":"0.3.87","update_type":"patch","path":null,"pr_created_at":"2026-05-31T23:32:15.000Z","version_change":"0.3.74 → 0.3.87","issue":{"uuid":"4559372432","node_id":"PR_kwDONhlJ1c7hLHH1","number":240,"state":"closed","title":"feat(deps): Bump the npm_and_yarn group across 17 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-31T23:38:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-31T23:32:15.000Z","updated_at":"2026-05-31T23:38:50.000Z","time_to_close":393,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"feat(deps): Bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"astro","old_version":"3.5.0","new_version":"6.1.10","repository_url":"https://github.com/withastro/astro"},{"name":"next","old_version":"14.2.35","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"svelte","old_version":"3.59.2","new_version":"5.55.7","repository_url":"https://github.com/sveltejs/svelte"},{"name":"devalue","old_version":"4.3.3","new_version":"5.8.1"},{"name":"langsmith","old_version":"0.3.74","new_version":"0.3.87","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"astro","old_version":"3.5.0","new_version":"6.1.10","repository_url":"https://github.com/withastro/astro"},{"name":"astro","old_version":"3.5.0","new_version":"6.1.10","repository_url":"https://github.com/withastro/astro"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the / directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro), [next](https://github.com/vercel/next.js), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/astro-4 directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/astro-5 directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/astro-5-cf-workers directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-13 directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-14 directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-16-cacheComponents directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-16-trailing-slash directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-app-dir directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-orpc directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/nextjs-pages-dir directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/supabase-nextjs directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /dev-packages/e2e-tests/test-applications/sveltekit-2 directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).\nBumps the npm_and_yarn group with 1 update in the /packages/astro directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro).\nBumps the npm_and_yarn group with 1 update in the /packages/nextjs directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /packages/svelte directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).\nBumps the npm_and_yarn group with 1 update in the /packages/sveltekit directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).\n\nUpdates `astro` from 3.5.0 to 6.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/releases\"\u003eastro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eastro@6.1.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16479\"\u003e#16479\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious \u003ccode\u003e[WARN] [content] Content config not loaded\u003c/code\u003e warning during \u003ccode\u003eastro dev\u003c/code\u003e for projects that don't use content collections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16457\"\u003e#16457\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16481\"\u003e#16481\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious 404 request for a dev toolbar sourcemap during \u003ccode\u003eastro dev\u003c/code\u003e caused by the browser mis-resolving a relative \u003ccode\u003esourceMappingURL\u003c/code\u003e from the \u003ccode\u003e/@id/\u003c/code\u003e URL prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16480\"\u003e#16480\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes an unnecessary full page reload on first navigation during dev\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16448\"\u003e#16448\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Updates vite, picomatch, and unstorage to latest patch versions\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16422\"\u003e#16422\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a3951d7873c7c210fedbaa77702bc33db6410715\"\u003e\u003ccode\u003ea3951d7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens \u003ccode\u003eastro-island\u003c/code\u003e export resolution and hydration error handling for malformed component metadata\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16420\"\u003e#16420\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/e21de1d03b318d5045dba718291c04fe05c01490\"\u003e\u003ccode\u003ee21de1d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16419\"\u003e#16419\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16022\"\u003e#16022\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a002540d60d4a840db9971e73c820a8015658ffe\"\u003e\u003ccode\u003ea002540\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/mathieumaf\"\u003e\u003ccode\u003e@​mathieumaf\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where i18n domains would return 404 when \u003ccode\u003etrailingSlash\u003c/code\u003e is set to \u003ccode\u003enever\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/internal-helpers\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.9.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/markdown-remark\u003c/code\u003e\u003ca href=\"https://github.com/7\"\u003e\u003ccode\u003e@​7\u003c/code\u003e\u003c/a\u003e.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16367\"\u003e#16367\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a6866a7ef086627f8f8237274361d8acc2f85121\"\u003e\u003ccode\u003ea6866a7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where build output files could contain special characters (\u003ccode\u003e!\u003c/code\u003e, \u003ccode\u003e~\u003c/code\u003e, \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e}\u003c/code\u003e) in their names, causing deploy failures on platforms like Netlify.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16381\"\u003e#16381\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/217c5b3b937f0aee7e59280e8a10cf2bd4237605\"\u003e\u003ccode\u003e217c5b3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16348\"\u003e#16348\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/7d26cd77bc1b33cee81f0e7b408dc2d170be1bdd\"\u003e\u003ccode\u003e7d26cd7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ocavue\"\u003e\u003ccode\u003e@​ocavue\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where \u003ccode\u003eallowedDomains\u003c/code\u003e weren't correctly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16379\"\u003e#16379\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5a845514114ae21ca9820e98b56cce33c0cf579b\"\u003e\u003ccode\u003e5a84551\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/martrapp\"\u003e\u003ccode\u003e@​martrapp\u003c/code\u003e\u003c/a\u003e! - Improves Vue scoped style handling in DEV mode during client router navigation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Adds tests to verify settings are properly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16282\"\u003e#16282\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5b0fdaa8ba3dc17f4b93d9847c3255150b0aeab2\"\u003e\u003ccode\u003e5b0fdaa\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jmurty\"\u003e\u003ccode\u003e@​jmurty\u003c/code\u003e\u003c/a\u003e! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/e0b240edea4db632138def3a9003b4b12e12f765\"\u003e\u003ccode\u003ee0b240e\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/telemetry\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.3.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v3.md\"\u003eastro's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9226\"\u003e#9226\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/8f8a40e93d6a0774ba84a6f5db8c42cd81db005e\"\u003e\u003ccode\u003e8f8a40e93\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/outofambit\"\u003e\u003ccode\u003e@​outofambit\u003c/code\u003e\u003c/a\u003e! - Fix i18n fallback routing with routing strategy of always-prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9179\"\u003e#9179\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3f28336d9a52d7e4364d455ee3128d14d10a078a\"\u003e\u003ccode\u003e3f28336d9\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/lilnasy\"\u003e\u003ccode\u003e@​lilnasy\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where the presence of a slot in a page led to an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9219\"\u003e#9219\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/067a65f5b4d163bf1944cf47e6bf891f0b93553f\"\u003e\u003ccode\u003e067a65f5b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/natemoo-re\"\u003e\u003ccode\u003e@​natemoo-re\u003c/code\u003e\u003c/a\u003e! - Fix edge case where \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e updates inside of \u003ccode\u003e.astro\u003c/code\u003e files would occasionally fail to update without reloading the page.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9236\"\u003e#9236\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/27d3e86e4c8d04101113ab7a53477f26a4fb0619\"\u003e\u003ccode\u003e27d3e86e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - The configuration \u003ccode\u003ei18n.routingStrategy\u003c/code\u003e has been replaced with an object called \u003ccode\u003erouting\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-always\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: true,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-other-locales\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: false,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9193\"\u003e#9193\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/0dc99c9a28fcb6b46db49eefac6afa415875edcb\"\u003e\u003ccode\u003e0dc99c9a2\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/florian-lefebvre\"\u003e\u003ccode\u003e@​florian-lefebvre\u003c/code\u003e\u003c/a\u003e! - Prevents the Code component from crashing if the lang isn't supported by falling back to \u003ccode\u003eplaintext\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9189\"\u003e#9189\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d90714fc3dd7c3eab0a6b29319b0b666bb04b678\"\u003e\u003ccode\u003ed90714fc3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/SpencerWhitehead7\"\u003e\u003ccode\u003e@​SpencerWhitehead7\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where links with the same pathname as the current page, but different search params, were not prefetched.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/c1f2e4f62adc1f2ba7b36f400f38fbab8862bc74\"\u003e\u003ccode\u003ec1f2e4f\u003c/code\u003e\u003c/a\u003e [ci] release (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16467\"\u003e#16467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/345fb9e370ddcd633c1043326e723ee43c89a3e4\"\u003e\u003ccode\u003e345fb9e\u003c/code\u003e\u003c/a\u003e chore: fix flaky dev toolbar render time test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16500\"\u003e#16500\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5120ecd4c337a7c59c4956ff8fd6bf327b4abce9\"\u003e\u003ccode\u003e5120ecd\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Add AEAD context binding to server island encryption (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16457\"\u003e#16457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Prebundle dev toolbar entrypoint in client environment (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16480\"\u003e#16480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/93101cce781585574d6b528bae05d5b6a02e63bd\"\u003e\u003ccode\u003e93101cc\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e fix: strip sourceMappingURL from dev toolbar entrypoint during dep optimizati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/bc8304121b79f5fdcfb400d6baea977840391134\"\u003e\u003ccode\u003ebc83041\u003c/code\u003e\u003c/a\u003e refactor(astro): migrate test utils to typescript (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16492\"\u003e#16492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5c543c595def9826acdd71c1cb88f08f8d63f1a5\"\u003e\u003ccode\u003e5c543c5\u003c/code\u003e\u003c/a\u003e refactor(astro): add internal entry points for test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16473\"\u003e#16473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Suppress content config warning for projects without content collections (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/withastro/astro/commits/astro@6.1.10/packages/astro\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for astro since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.35 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.35...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 3.59.2 to 5.55.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: allow \u003ccode\u003enull\u003c/code\u003e for \u003ccode\u003epending\u003c/code\u003e in typings (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18201\"\u003e#18201\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: flush eager effects in production (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18107\"\u003e#18107\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: rethrow error of failed iterable after calling \u003ccode\u003ereturn()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18169\"\u003e#18169\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: account for proxified instance when updating \u003ccode\u003ebind:this\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18147\"\u003e#18147\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ensure scheduled batch is flushed if not obsolete (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18131\"\u003e#18131\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: resolve stale deriveds with latest value (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18167\"\u003e#18167\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: remove unnecessary \u003ccode\u003eincrement_pending\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18183\"\u003e#18183\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: correctly compile component member expressions for SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18192\"\u003e#18192\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reset \u003ccode\u003esource.updated\u003c/code\u003e stack traces after \u003ccode\u003eflush\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18196\"\u003e#18196\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: replacing async 'blocking' strategy with 'merging' (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18205\"\u003e#18205\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: allow \u003ccode\u003e@debug\u003c/code\u003e tags to reference awaited variables (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18138\"\u003e#18138\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: re-run fallback props if dependencies update (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18146\"\u003e#18146\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: abort running obsolete async branches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18118\"\u003e#18118\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG-pre-5.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003esvelte\u003c/h1\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: improve a11y-click-events-have-key-events message (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9358\"\u003e#9358\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: more robust hydration of html tag (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9184\"\u003e#9184\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: support camelCase properties on custom elements (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9328\"\u003e#9328\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: add missing plaintext-only value to contenteditable type (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9242\"\u003e#9242\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: upgrade magic-string to 0.30.4 (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9292\"\u003e#9292\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ignore trailing comments when comparing nodes (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9197\"\u003e#9197\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: update style directive when style attribute is present and is updated via an object prop (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9187\"\u003e#9187\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: css sourcemap generation with unicode filenames (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9120\"\u003e#9120\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: do not add module declared variables as dependencies (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9122\"\u003e#9122\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: handle \u003ccode\u003esvelte:element\u003c/code\u003e with dynamic this and spread attributes (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9112\"\u003e#9112\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: silence false positive reactive component warning (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9094\"\u003e#9094\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: head duplication when binding is present (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9124\"\u003e#9124\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: take custom attribute name into account when reflecting property (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9140\"\u003e#9140\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: add \u003ccode\u003eindeterminate\u003c/code\u003e to the list of HTMLAttributes (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9180\"\u003e#9180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: recognize option value on spread attribute (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9125\"\u003e#9125\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: move \u003ccode\u003esvelteHTML\u003c/code\u003e from language-tools into core to load the correct \u003ccode\u003esvelte/element\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/9070\"\u003e#9070\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/4d8f99a2709e3c02e48d8bc6c77458f4ba49d0e3\"\u003e\u003ccode\u003e4d8f99a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18220\"\u003e#18220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/05523088173e10af0753877af6936088de924833\"\u003e\u003ccode\u003e0552308\u003c/code\u003e\u003c/a\u003e chore: bump devalue (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18219\"\u003e#18219\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd9\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/55f9c85c09d625c3dd80c71ce7542f57386fafb4\"\u003e\u003ccode\u003e55f9c85\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18158\"\u003e#18158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a10e8e47a5946623a60a1e36b9023c23926eae87\"\u003e\u003ccode\u003ea10e8e4\u003c/code\u003e\u003c/a\u003e fix: keep dependencies of \u003ccode\u003e$state.eager\u003c/code\u003e/\u003ccode\u003epending\u003c/code\u003e (alternative approach) (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ef4b97dfabfd7a23b27933e18f7393587c343d66\"\u003e\u003ccode\u003eef4b97d\u003c/code\u003e\u003c/a\u003e fix: duplicated \u0026quot;of\u0026quot; in events.js comment (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18217\"\u003e#18217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/5122936edb3c14e9a602e579727479b49cbd3239\"\u003e\u003ccode\u003e5122936\u003c/code\u003e\u003c/a\u003e fix: treat batches as a linked list (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18205\"\u003e#18205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.55.7/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for svelte since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 4.3.3 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v4.3.3...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.3.74 to 0.3.87\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `astro` from 3.5.0 to 6.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/releases\"\u003eastro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eastro@6.1.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16479\"\u003e#16479\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious \u003ccode\u003e[WARN] [content] Content config not loaded\u003c/code\u003e warning during \u003ccode\u003eastro dev\u003c/code\u003e for projects that don't use content collections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16457\"\u003e#16457\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16481\"\u003e#16481\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious 404 request for a dev toolbar sourcemap during \u003ccode\u003eastro dev\u003c/code\u003e caused by the browser mis-resolving a relative \u003ccode\u003esourceMappingURL\u003c/code\u003e from the \u003ccode\u003e/@id/\u003c/code\u003e URL prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16480\"\u003e#16480\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes an unnecessary full page reload on first navigation during dev\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16448\"\u003e#16448\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Updates vite, picomatch, and unstorage to latest patch versions\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16422\"\u003e#16422\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a3951d7873c7c210fedbaa77702bc33db6410715\"\u003e\u003ccode\u003ea3951d7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens \u003ccode\u003eastro-island\u003c/code\u003e export resolution and hydration error handling for malformed component metadata\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16420\"\u003e#16420\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/e21de1d03b318d5045dba718291c04fe05c01490\"\u003e\u003ccode\u003ee21de1d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16419\"\u003e#16419\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16022\"\u003e#16022\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a002540d60d4a840db9971e73c820a8015658ffe\"\u003e\u003ccode\u003ea002540\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/mathieumaf\"\u003e\u003ccode\u003e@​mathieumaf\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where i18n domains would return 404 when \u003ccode\u003etrailingSlash\u003c/code\u003e is set to \u003ccode\u003enever\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/internal-helpers\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.9.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/markdown-remark\u003c/code\u003e\u003ca href=\"https://github.com/7\"\u003e\u003ccode\u003e@​7\u003c/code\u003e\u003c/a\u003e.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16367\"\u003e#16367\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a6866a7ef086627f8f8237274361d8acc2f85121\"\u003e\u003ccode\u003ea6866a7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where build output files could contain special characters (\u003ccode\u003e!\u003c/code\u003e, \u003ccode\u003e~\u003c/code\u003e, \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e}\u003c/code\u003e) in their names, causing deploy failures on platforms like Netlify.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16381\"\u003e#16381\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/217c5b3b937f0aee7e59280e8a10cf2bd4237605\"\u003e\u003ccode\u003e217c5b3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16348\"\u003e#16348\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/7d26cd77bc1b33cee81f0e7b408dc2d170be1bdd\"\u003e\u003ccode\u003e7d26cd7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ocavue\"\u003e\u003ccode\u003e@​ocavue\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where \u003ccode\u003eallowedDomains\u003c/code\u003e weren't correctly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16379\"\u003e#16379\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5a845514114ae21ca9820e98b56cce33c0cf579b\"\u003e\u003ccode\u003e5a84551\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/martrapp\"\u003e\u003ccode\u003e@​martrapp\u003c/code\u003e\u003c/a\u003e! - Improves Vue scoped style handling in DEV mode during client router navigation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Adds tests to verify settings are properly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16282\"\u003e#16282\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5b0fdaa8ba3dc17f4b93d9847c3255150b0aeab2\"\u003e\u003ccode\u003e5b0fdaa\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jmurty\"\u003e\u003ccode\u003e@​jmurty\u003c/code\u003e\u003c/a\u003e! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/e0b240edea4db632138def3a9003b4b12e12f765\"\u003e\u003ccode\u003ee0b240e\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/telemetry\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.3.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v3.md\"\u003eastro's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9226\"\u003e#9226\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/8f8a40e93d6a0774ba84a6f5db8c42cd81db005e\"\u003e\u003ccode\u003e8f8a40e93\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/outofambit\"\u003e\u003ccode\u003e@​outofambit\u003c/code\u003e\u003c/a\u003e! - Fix i18n fallback routing with routing strategy of always-prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9179\"\u003e#9179\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3f28336d9a52d7e4364d455ee3128d14d10a078a\"\u003e\u003ccode\u003e3f28336d9\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/lilnasy\"\u003e\u003ccode\u003e@​lilnasy\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where the presence of a slot in a page led to an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9219\"\u003e#9219\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/067a65f5b4d163bf1944cf47e6bf891f0b93553f\"\u003e\u003ccode\u003e067a65f5b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/natemoo-re\"\u003e\u003ccode\u003e@​natemoo-re\u003c/code\u003e\u003c/a\u003e! - Fix edge case where \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e updates inside of \u003ccode\u003e.astro\u003c/code\u003e files would occasionally fail to update without reloading the page.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9236\"\u003e#9236\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/27d3e86e4c8d04101113ab7a53477f26a4fb0619\"\u003e\u003ccode\u003e27d3e86e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - The configuration \u003ccode\u003ei18n.routingStrategy\u003c/code\u003e has been replaced with an object called \u003ccode\u003erouting\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-always\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: true,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-other-locales\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: false,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9193\"\u003e#9193\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/0dc99c9a28fcb6b46db49eefac6afa415875edcb\"\u003e\u003ccode\u003e0dc99c9a2\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/florian-lefebvre\"\u003e\u003ccode\u003e@​florian-lefebvre\u003c/code\u003e\u003c/a\u003e! - Prevents the Code component from crashing if the lang isn't supported by falling back to \u003ccode\u003eplaintext\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9189\"\u003e#9189\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d90714fc3dd7c3eab0a6b29319b0b666bb04b678\"\u003e\u003ccode\u003ed90714fc3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/SpencerWhitehead7\"\u003e\u003ccode\u003e@​SpencerWhitehead7\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where links with the same pathname as the current page, but different search params, were not prefetched.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/c1f2e4f62adc1f2ba7b36f400f38fbab8862bc74\"\u003e\u003ccode\u003ec1f2e4f\u003c/code\u003e\u003c/a\u003e [ci] release (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16467\"\u003e#16467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/345fb9e370ddcd633c1043326e723ee43c89a3e4\"\u003e\u003ccode\u003e345fb9e\u003c/code\u003e\u003c/a\u003e chore: fix flaky dev toolbar render time test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16500\"\u003e#16500\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5120ecd4c337a7c59c4956ff8fd6bf327b4abce9\"\u003e\u003ccode\u003e5120ecd\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Add AEAD context binding to server island encryption (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16457\"\u003e#16457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Prebundle dev toolbar entrypoint in client environment (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16480\"\u003e#16480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/93101cce781585574d6b528bae05d5b6a02e63bd\"\u003e\u003ccode\u003e93101cc\u003c/code\u003e\u003c/a\u003e [ci] format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e fix: strip sourceMappingURL from dev toolbar entrypoint during dep optimizati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/bc8304121b79f5fdcfb400d6baea977840391134\"\u003e\u003ccode\u003ebc83041\u003c/code\u003e\u003c/a\u003e refactor(astro): migrate test utils to typescript (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16492\"\u003e#16492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/5c543c595def9826acdd71c1cb88f08f8d63f1a5\"\u003e\u003ccode\u003e5c543c5\u003c/code\u003e\u003c/a\u003e refactor(astro): add internal entry points for test (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16473\"\u003e#16473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Suppress content config warning for projects without content collections (\u003ca href=\"https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/withastro/astro/commits/astro@6.1.10/packages/astro\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for astro since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `astro` from 3.5.0 to 6.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/releases\"\u003eastro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eastro@6.1.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16479\"\u003e#16479\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1058428df2d13878c6130787636dd1778273a934\"\u003e\u003ccode\u003e1058428\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious \u003ccode\u003e[WARN] [content] Content config not loaded\u003c/code\u003e warning during \u003ccode\u003eastro dev\u003c/code\u003e for projects that don't use content collections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16457\"\u003e#16457\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd\"\u003e\u003ccode\u003e3d82220\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16481\"\u003e#16481\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/152700e08178285b240d8ef947cccd47b870ee5f\"\u003e\u003ccode\u003e152700e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes a spurious 404 request for a dev toolbar sourcemap during \u003ccode\u003eastro dev\u003c/code\u003e caused by the browser mis-resolving a relative \u003ccode\u003esourceMappingURL\u003c/code\u003e from the \u003ccode\u003e/@id/\u003c/code\u003e URL prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16480\"\u003e#16480\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/1bcb43bf04f3fa8f4623897ae2a937250f35216a\"\u003e\u003ccode\u003e1bcb43b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Fixes an unnecessary full page reload on first navigation during dev\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16448\"\u003e#16448\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Updates vite, picomatch, and unstorage to latest patch versions\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16422\"\u003e#16422\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a3951d7873c7c210fedbaa77702bc33db6410715\"\u003e\u003ccode\u003ea3951d7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens \u003ccode\u003eastro-island\u003c/code\u003e export resolution and hydration error handling for malformed component metadata\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16420\"\u003e#16420\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/e21de1d03b318d5045dba718291c04fe05c01490\"\u003e\u003ccode\u003ee21de1d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16419\"\u003e#16419\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/matthewp\"\u003e\u003ccode\u003e@​matthewp\u003c/code\u003e\u003c/a\u003e! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16022\"\u003e#16022\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a002540d60d4a840db9971e73c820a8015658ffe\"\u003e\u003ccode\u003ea002540\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/mathieumaf\"\u003e\u003ccode\u003e@​mathieumaf\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where i18n domains would return 404 when \u003ccode\u003etrailingSlash\u003c/code\u003e is set to \u003ccode\u003enever\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/99464edb5fc0968f6497328e106f26ab393668bd\"\u003e\u003ccode\u003e99464ed\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/withastro/astro/commit/f3485c3458bc8bf70c152126e418c24f489ded9d\"\u003e\u003ccode\u003ef3485c3\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/internal-helpers\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.9.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/markdown-remark\u003c/code\u003e\u003ca href=\"https://github.com/7\"\u003e\u003ccode\u003e@​7\u003c/code\u003e\u003c/a\u003e.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eastro@6.1.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16367\"\u003e#16367\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/a6866a7ef086627f8f8237274361d8acc2f85121\"\u003e\u003ccode\u003ea6866a7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where build output files could contain special characters (\u003ccode\u003e!\u003c/code\u003e, \u003ccode\u003e~\u003c/code\u003e, \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e}\u003c/code\u003e) in their names, causing deploy failures on platforms like Netlify.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16381\"\u003e#16381\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/217c5b3b937f0aee7e59280e8a10cf2bd4237605\"\u003e\u003ccode\u003e217c5b3\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16348\"\u003e#16348\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/7d26cd77bc1b33cee81f0e7b408dc2d170be1bdd\"\u003e\u003ccode\u003e7d26cd7\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ocavue\"\u003e\u003ccode\u003e@​ocavue\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Fixes a bug where \u003ccode\u003eallowedDomains\u003c/code\u003e weren't correctly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16379\"\u003e#16379\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5a845514114ae21ca9820e98b56cce33c0cf579b\"\u003e\u003ccode\u003e5a84551\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/martrapp\"\u003e\u003ccode\u003e@​martrapp\u003c/code\u003e\u003c/a\u003e! - Improves Vue scoped style handling in DEV mode during client router navigation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16317\"\u003e#16317\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/d012bfeadb5b33f9ab1175191d59357d629c327e\"\u003e\u003ccode\u003ed012bfe\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/das-peter\"\u003e\u003ccode\u003e@​das-peter\u003c/code\u003e\u003c/a\u003e! - Adds tests to verify settings are properly propagated when using the development server.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/16282\"\u003e#16282\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/5b0fdaa8ba3dc17f4b93d9847c3255150b0aeab2\"\u003e\u003ccode\u003e5b0fdaa\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jmurty\"\u003e\u003ccode\u003e@​jmurty\u003c/code\u003e\u003c/a\u003e! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/withastro/astro/commit/e0b240edea4db632138def3a9003b4b12e12f765\"\u003e\u003ccode\u003ee0b240e\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​astrojs/telemetry\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.3.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v3.md\"\u003eastro's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9226\"\u003e#9226\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/8f8a40e93d6a0774ba84a6f5db8c42cd81db005e\"\u003e\u003ccode\u003e8f8a40e93\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/outofambit\"\u003e\u003ccode\u003e@​outofambit\u003c/code\u003e\u003c/a\u003e! - Fix i18n fallback routing with routing strategy of always-prefix\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9179\"\u003e#9179\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/3f28336d9a52d7e4364d455ee3128d14d10a078a\"\u003e\u003ccode\u003e3f28336d9\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/lilnasy\"\u003e\u003ccode\u003e@​lilnasy\u003c/code\u003e\u003c/a\u003e! - Fixes an issue where the presence of a slot in a page led to an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9219\"\u003e#9219\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/067a65f5b4d163bf1944cf47e6bf891f0b93553f\"\u003e\u003ccode\u003e067a65f5b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/natemoo-re\"\u003e\u003ccode\u003e@​natemoo-re\u003c/code\u003e\u003c/a\u003e! - Fix edge case where \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e updates inside of \u003ccode\u003e.astro\u003c/code\u003e files would occasionally fail to update without reloading the page.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9236\"\u003e#9236\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/27d3e86e4c8d04101113ab7a53477f26a4fb0619\"\u003e\u003ccode\u003e27d3e86e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ematipico\"\u003e\u003ccode\u003e@​ematipico\u003c/code\u003e\u003c/a\u003e! - The configuration \u003ccode\u003ei18n.routingStrategy\u003c/code\u003e has been replaced with an object called \u003ccode\u003erouting\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-always\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: true,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003eexport default defineConfig({\n  experimental: {\n      i18n: {\n-          routingStrategy: \u0026quot;prefix-other-locales\u0026quot;,\n+          routing: {\n+              prefixDefaultLocale: false,\n+          }\n      }\n  }\n})\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/withastro/astro/pull/9193\"\u003e#9193\u003c/a\u003e \u003ca href=\"https://github.com/withastro/astro/commit/0dc99c9a28fcb6b46db49eefac6afa415875edcb\"\u003e\u003ccode\u003e0dc9...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/sentry-javascript/pull/240","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fsentry-javascript/issues/240","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/240/packages"}},{"old_version":"0.5.26","new_version":"0.7.3","update_type":"minor","path":null,"pr_created_at":"2026-05-28T21:15:45.000Z","version_change":"0.5.26 → 0.7.3","issue":{"uuid":"4543879791","node_id":"PR_kwDORrxkis7gaOYR","number":19,"state":"open","title":"Bump the npm_and_yarn group across 10 directories with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T21:15:45.000Z","updated_at":"2026-05-28T21:17:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":3,"packages":[{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"qs","old_version":"6.14.1","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.7.3","repository_url":"https://github.com/langchain-ai/langsmith-sdk"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /built-in-ai-extension directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /built-in-ai-task-apis-polyfills directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /evals-course/evals-service directory: [protobufjs](https://github.com/protobufjs/protobuf.js) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /firebase-ai-logic directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /gemini-node-sse directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /prompt-api-playground directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /prompt-api-polyfill directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /summary-of-summaries directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /weather-ai directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /webmcp-evals directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.1 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.13.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.13.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: propagate tracingEnabled to nested traceables by \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2427\"\u003elangchain-ai/langsmith-sdk#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(python): openai agents: delay span start for spans without inputs on start event by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2424\"\u003elangchain-ai/langsmith-sdk#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.3 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2428\"\u003elangchain-ai/langsmith-sdk#2428\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.2...v0.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.c...\n\n_Description has been truncated_","html_url":"https://github.com/danielbodnar/web-ai-demos/pull/19","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielbodnar%2Fweb-ai-demos/issues/19","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/19/packages"}},{"old_version":"0.4.12","new_version":"0.6.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T09:14:21.000Z","version_change":"0.4.12 → 0.6.0","issue":{"uuid":"4515759645","node_id":"PR_kwDOPbA0lM7e-utH","number":8,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 5 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T09:14:21.000Z","updated_at":"2026-05-25T09:18:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"turbo","old_version":"1.10.16","new_version":"2.9.14","repository_url":"https://github.com/vercel/turborepo"},{"name":"axios","old_version":"1.12.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"dompurify","old_version":"3.2.6","new_version":"3.4.0","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"uuid","old_version":"10.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@opentelemetry/sdk-node","old_version":"0.54.2","new_version":"0.217.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"langsmith","old_version":"0.4.12","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"vm2","old_version":"3.10.5","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [turbo](https://github.com/vercel/turborepo) | `1.10.16` | `2.9.14` |\n| [axios](https://github.com/axios/axios) | `1.12.0` | `1.15.2` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.2.6` | `3.4.0` |\n| [uuid](https://github.com/uuidjs/uuid) | `10.0.0` | `14.0.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.54.2` | `0.217.0` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.4.12` | `0.6.0` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.10.5` | `3.11.3` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/agentflow directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 4 updates in the /packages/components directory: [axios](https://github.com/axios/axios), [uuid](https://github.com/uuidjs/uuid), [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 3 updates in the /packages/server directory: [axios](https://github.com/axios/axios), [uuid](https://github.com/uuidjs/uuid) and [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js).\nBumps the npm_and_yarn group with 3 updates in the /packages/ui directory: [axios](https://github.com/axios/axios), [dompurify](https://github.com/cure53/DOMPurify) and [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `turbo` from 1.10.16 to 2.9.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains important security fixes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eHigh:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm\"\u003eGHSA-5xc8-49mv-x4mm: Turborepo VSCode Extension command injection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eLow:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r\"\u003eGHSA-hcf7-66rw-9f5r: Login callback CSRF/session fixation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726\"\u003eGHSA-3qcw-2rhx-2726: Unexpected local code execution during Yarn Berry detection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Release 2.9.13 by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12803\"\u003evercel/turborepo#12803\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eTurborepo v2.9.13-canary.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.11-canary.7 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12768\"\u003evercel/turborepo#12768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow \u003ccode\u003e$TURBO_EXTENDS$\u003c/code\u003e in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12770\"\u003evercel/turborepo#12770\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.11 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12771\"\u003evercel/turborepo#12771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow transit nodes in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12773\"\u003evercel/turborepo#12773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/blob/main/RELEASE.md\"\u003eturbo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease Documentation\u003c/h1\u003e\n\u003ch2\u003eQuick Start\u003c/h2\u003e\n\u003ch3\u003eAutomated Canary Releases\u003c/h3\u003e\n\u003cp\u003eCanary releases run on an hourly schedule via the [Release workflow][1]:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eRuns every hour via cron, skipping if no relevant files (\u003ccode\u003ecrates/\u003c/code\u003e, \u003ccode\u003epackages/\u003c/code\u003e, \u003ccode\u003ecli/\u003c/code\u003e) changed since the last canary tag\u003c/li\u003e\n\u003cli\u003eSkips if the latest commit is a release PR merge (to avoid releasing the version bump itself)\u003c/li\u003e\n\u003cli\u003ePublishes to npm with the \u003ccode\u003ecanary\u003c/code\u003e tag\u003c/li\u003e\n\u003cli\u003eOpens a PR with auto-merge enabled to merge the version bump back to \u003ccode\u003emain\u003c/code\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eNo manual intervention required for canary releases.\u003c/p\u003e\n\u003ch3\u003eManual Releases (Stable/Custom)\u003c/h3\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eCreate a release by triggering the [Turborepo Release][1] workflow\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFor stable releases, use \u003ccode\u003epatch\u003c/code\u003e, \u003ccode\u003eminor\u003c/code\u003e, or \u003ccode\u003emajor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFor custom pre-releases, use \u003ccode\u003eprepatch\u003c/code\u003e, \u003ccode\u003epreminor\u003c/code\u003e, or \u003ccode\u003epremajor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCheck the \u0026quot;Dry Run\u0026quot; box to test the workflow without publishing\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA PR is automatically opened to merge the release branch back into \u003ccode\u003emain\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMerge this promptly to avoid conflicts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch3\u003eRelease \u003ccode\u003e@turbo/repository\u003c/code\u003e\u003c/h3\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eRun [\u003ccode\u003ebump-version.sh\u003c/code\u003e][4] to update the versions of the packages. Merge in the changes to \u003ccode\u003emain\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCreate a release by triggering the [Turborepo Library Release][5] workflow.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCheck the \u0026quot;Dry Run\u0026quot; box to run the full release workflow without publishing any packages.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch3\u003eNotes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Release Notes are published automatically using the config from [\u003ccode\u003eturborepo-release.yml\u003c/code\u003e][2],\ntriggered by the [\u003ccode\u003eturbo-orchestrator\u003c/code\u003e][3] bot.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003eTurborepo CLI Release Process - In-Depth Guide\u003c/h2\u003e\n\u003cp\u003eThis section provides comprehensive documentation on how the Turborepo CLI is released, including the architecture, workflows, and detailed step-by-step processes.\u003c/p\u003e\n\u003ch3\u003eTable of Contents\u003c/h3\u003e\n\u003col\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#architecture-overview\"\u003eArchitecture Overview\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#automated-canary-releases\"\u003eAutomated Canary Releases\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#version-management\"\u003eVersion Management\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#release-workflow-stages\"\u003eRelease Workflow Stages\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/blob/main/#packages-released\"\u003ePackages Released\u003c/a\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fc62fe0d9c347d1d24f0ed8946284856593ddb93\"\u003e\u003ccode\u003efc62fe0\u003c/code\u003e\u003c/a\u003e publish 2.9.14 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fb8c9aec0f9e83f95783659a5ce9c4478cf62cb9\"\u003e\u003ccode\u003efb8c9ae\u003c/code\u003e\u003c/a\u003e chore: Release 2.9.13 (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12803\"\u003e#12803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/e8e629da4e1fb75231089e91b19be9d327a3e649\"\u003e\u003ccode\u003ee8e629d\u003c/code\u003e\u003c/a\u003e fix: Avoid project-local Yarn during detection (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12801\"\u003e#12801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/91c90cbf12f524c5c29b713d6472dd5fcdecb309\"\u003e\u003ccode\u003e91c90cb\u003c/code\u003e\u003c/a\u003e fix: Harden VS Code extension command execution (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12800\"\u003e#12800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/84f450894e87da1eed864d51f6f637f26980d560\"\u003e\u003ccode\u003e84f4508\u003c/code\u003e\u003c/a\u003e fix: Validate auth callback state (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/1779ad7901384f106236a6e196059e4929745514\"\u003e\u003ccode\u003e1779ad7\u003c/code\u003e\u003c/a\u003e Removed unneeded import form hash creation script in docs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12799\"\u003e#12799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/71f8c90a807ffb9b9876ea8a04f523f473bf5c8d\"\u003e\u003ccode\u003e71f8c90\u003c/code\u003e\u003c/a\u003e test: Validate lockfiles without dependency downloads (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/5fcb96024d503127bb0ed760ebe159b7716c52b3\"\u003e\u003ccode\u003e5fcb960\u003c/code\u003e\u003c/a\u003e ci: Scope GitHub Actions caches by branch (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12788\"\u003e#12788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/4cf9fabc9a6f6c99fe4e2f2da9f35be631be062a\"\u003e\u003ccode\u003e4cf9fab\u003c/code\u003e\u003c/a\u003e ci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12787\"\u003e#12787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/859c629bc401f239ac7980a132746ca90478e17c\"\u003e\u003ccode\u003e859c629\u003c/code\u003e\u003c/a\u003e fix: Restore docs mobile menu (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12782\"\u003e#12782\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v1.10.16...v2.9.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for turbo since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.12.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.12.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.2.6 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eMost relevant changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a problem with \u003ccode\u003eFORBID_TAGS\u003c/code\u003e not winning over \u003ccode\u003eADD_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed several minor problems and typos regarding MathML attributes, thanks \u003ca href=\"https://github.com/DavidOliver\"\u003e\u003ccode\u003e@​DavidOliver\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eADD_ATTR\u003c/code\u003e/\u003ccode\u003eADD_TAGS\u003c/code\u003e function leaking into subsequent array-based calls, thanks \u003ca href=\"https://github.com/1Jesper1\"\u003e\u003ccode\u003e@​1Jesper1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a missing \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrub in \u003ccode\u003eRETURN_DOM\u003c/code\u003e path, thanks \u003ca href=\"https://github.com/bencalif\"\u003e\u003ccode\u003e@​bencalif\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution via \u003ccode\u003eCUSTOM_ELEMENT_HANDLING\u003c/code\u003e, thanks \u003ca href=\"https://github.com/trace37labs\"\u003e\u003ccode\u003e@​trace37labs\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_TAGS\u003c/code\u003e function form bypassing \u003ccode\u003eFORBID_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/eddieran\"\u003e\u003ccode\u003e@​eddieran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_ATTR\u003c/code\u003e predicates skipping URI validation, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eUSE_PROFILES\u003c/code\u003e prototype pollution, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue leading to possible mXSS via Re-Contextualization, thanks \u003ca href=\"https://github.com/researchatfluidattacks\"\u003e\u003ccode\u003e@​researchatfluidattacks\u003c/code\u003e\u003c/a\u003e and others\u003c/li\u003e\n\u003cli\u003eFixed an issue with closing tags leading to possible mXSS, thanks \u003ca href=\"https://github.com/frevadiscor\"\u003e\u003ccode\u003e@​frevadiscor\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a problem with the type dentition patcher after Node version bump\u003c/li\u003e\n\u003cli\u003eFixed freezing BS runs by reducing the tested browsers array\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eAdded needed files for OpenSSF scorecard checks\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePublished Advisories are here:\u003c/strong\u003e\n\u003ca href=\"https://github.com/cure53/DOMPurify/security/advisories?state=published\"\u003ehttps://github.com/cure53/DOMPurify/security/advisories?state=published\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an engine requirement for Node 20 which caused hiccups, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution issue when working with custom elements, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a lenient config parsing in \u003ccode\u003e_isValidAttribute\u003c/code\u003e, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped and removed several dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the test suite after bumping dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u003ccode\u003eADD_FORBID_CONTENTS\u003c/code\u003e setting to extend default list, thanks \u003ca href=\"https://github.com/MariusRumpf\"\u003e\u003ccode\u003e@​MariusRumpf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the ESM import syntax to be more correct, thanks \u003ca href=\"https://github.com/binhpv\"\u003e\u003ccode\u003e@​binhpv\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the SVG \u003ccode\u003emask-type\u003c/code\u003e attribute to default allow-list, thanks \u003ca href=\"https://github.com/prasadrajandran\"\u003e\u003ccode\u003e@​prasadrajandran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded support for \u003ccode\u003eADD_ATTR\u003c/code\u003e and \u003ccode\u003eADD_TAGS\u003c/code\u003e to accept functions, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with the \u003ccode\u003eslot\u003c/code\u003e element being in both SVG and HTML allow-list, thanks \u003ca href=\"https://github.com/Wim-Valgaeren\"\u003e\u003ccode\u003e@​Wim-Valgaeren\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new attributes and elements to default allow-list, thanks \u003ca href=\"https://github.com/elrion018\"\u003e\u003ccode\u003e@​elrion018\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003etagName\u003c/code\u003e parameter to custom element \u003ccode\u003eattributeNameCheck\u003c/code\u003e, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better check for animated \u003ccode\u003ehref\u003c/code\u003e attributes, thanks \u003ca href=\"https://github.com/llamakko\"\u003e\u003ccode\u003e@​llamakko\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated and improved the bundled types, thanks \u003ca href=\"https://github.com/ssi02014\"\u003e\u003ccode\u003e@​ssi02014\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated several tests to better align with new browser encoding behaviors\u003c/li\u003e\n\u003cli\u003eImproved the handling of potentially risky content inside CDATA elements, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved the regular expression for raw-text elements to cover textareas, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b16e0b892e82b1779d62b9928b43c4c4ff290b9\"\u003e\u003ccode\u003e5b16e0b\u003c/code\u003e\u003c/a\u003e Getting 3.x branch ready for 3.4.0 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1250\"\u003e#1250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27\"\u003e\u003ccode\u003e8bcbf73\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c\"\u003e\u003ccode\u003e5faddd6\u003c/code\u003e\u003c/a\u003e fix: engine requirement (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af\"\u003e\u003ccode\u003e0f91e3a\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea\"\u003e\u003ccode\u003ed5ff1a8\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462\"\u003e\u003ccode\u003ec3efd48\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885\"\u003e\u003ccode\u003e988b888\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67\"\u003e\u003ccode\u003e2726c74\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1\"\u003e\u003ccode\u003e6202c7e\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e and jsdom (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1204\"\u003e#1204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80\"\u003e\u003ccode\u003e302b51d\u003c/code\u003e\u003c/a\u003e fix: Expanded the regex ever so slightly to also cover script\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.2.6...3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 10.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@opentelemetry/sdk-node` from 0.54.2 to 0.217.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/releases\"\u003e@​opentelemetry/sdk-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eexperimental/v0.217.0\u003c/h2\u003e\n\u003ch2\u003e0.217.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(otlp-transformer): replace protobufjs trace serialization with custom implementation \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6625\"\u003e#6625\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using \u003ccode\u003ejson-schema-to-typescript\u003c/code\u003e and \u003ccode\u003eajv\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6533\"\u003e#6533\u003c/a\u003e \u003ca href=\"https://github.com/MikeGoldsmith\"\u003e\u003ccode\u003e@​MikeGoldsmith\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration, sdk-node): \u003ccode\u003estartNodeSDK()\u003c/code\u003e code path now uses \u003ccode\u003elog_level\u003c/code\u003e configuration to setup a DiagConsoleLogger \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6668\"\u003e#6668\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eNote that allowed values for \u003ccode\u003elog_level\u003c/code\u003e in a configuration YAML file are \u003cem\u003enot\u003c/em\u003e the same set as for \u003ccode\u003eOTEL_LOG_LEVEL\u003c/code\u003e. Use \u003ccode\u003elog_level: trace\u003c/code\u003e to see \u003cem\u003eall\u003c/em\u003e logs (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=ALL\u003c/code\u003e). Use \u003ccode\u003elog_level: fatal\u003c/code\u003e to effectively disable the SDK's internal diagnostic logger (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=NONE\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003elog_level\u003c/code\u003e is not specified, a diagnostic console logger at \u0026quot;info\u0026quot; level will be setup.\u003c/li\u003e\n\u003cli\u003eAn invalid YAML config file will now result in a noop OTel SDK.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(configuration): do not validate \u003ccode\u003eOTEL_CONFIG_FILE\u003c/code\u003e value before using it for file config \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6643\"\u003e#6643\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6650\"\u003e#6650\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6657\"\u003e#6657\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve handling of enums in generated types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6659\"\u003e#6659\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve the technique for removing '| null' on types the JSON Schema \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6662\"\u003e#6662\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sampler-jaeger-remote): add missing axios dep \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6656\"\u003e#6656\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6674\"\u003e#6674\u003c/a\u003e \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.216.0\u003c/h2\u003e\n\u003ch2\u003e0.216.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6427\"\u003e#6427\u003c/a\u003e \u003ca href=\"https://github.com/ravitheja4531-cell\"\u003e\u003ccode\u003e@​ravitheja4531-cell\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(sdk-node): set TracerProvider in startNodeSDK() \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6607\"\u003e#6607\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(instrumentation-xml-http-request): avoid unwrapping \u003ccode\u003eXMLHttpRequest\u003c/code\u003e API when disabling \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6611\"\u003e#6611\u003c/a\u003e \u003ca href=\"https://github.com/david-luna\"\u003e\u003ccode\u003e@​david-luna\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-fetch): tolerate non-writable \u003ccode\u003eglobalThis.fetch\u003c/code\u003e and fix premature \u003ccode\u003e_isEnabled\u003c/code\u003e / \u003ccode\u003e_isFetchPatched\u003c/code\u003e flips in \u003ccode\u003eenable()\u003c/code\u003e \u003ca href=\"https://github.com/brunorodmoreira\"\u003e\u003ccode\u003e@​brunorodmoreira\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-xhr): resolve relative URLs before matching \u003ccode\u003eignoreUrls\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6551\"\u003e#6551\u003c/a\u003e \u003ca href=\"https://github.com/Maximiliano-Zeballos\"\u003e\u003ccode\u003e@​Maximiliano-Zeballos\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sdk-node): fix setting of ViewOption#name from ConfigurationModel \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6620\"\u003e#6620\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(web-common): add limit for timeout \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6601\"\u003e#6601\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6646\"\u003e#6646\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:house: Internal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest(otlp-transformer): add metrics transform benchmark \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6628\"\u003e#6628\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6636\"\u003e#6636\u003c/a\u003e \u003ca href=\"https://github.com/cjihrig\"\u003e\u003ccode\u003e@​cjihrig\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.215.0\u003c/h2\u003e\n\u003ch2\u003e0.215.0\u003c/h2\u003e\n\u003ch3\u003e:boom: Breaking Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/74cde1b674508ccc0ed2601ac43a80ff2d35114c\"\u003e\u003ccode\u003e74cde1b\u003c/code\u003e\u003c/a\u003e chore: prepare next release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6675\"\u003e#6675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/e8f439adcbec23261d26fcc205f4d2a6d74f16c7\"\u003e\u003ccode\u003ee8f439a\u003c/code\u003e\u003c/a\u003e fix: handle malformed URLs in Prometheus exporter request handler (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6674\"\u003e#6674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ab3a2e280e589a43d705278be5e8c8308b1b4081\"\u003e\u003ccode\u003eab3a2e2\u003c/code\u003e\u003c/a\u003e feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/d5b7d1e5c6cd3c9547137d0cc6a5185b7b5a8155\"\u003e\u003ccode\u003ed5b7d1e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency axios to v1.15.2 [security] (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6670\"\u003e#6670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/c16361877b77828d324733a4c8bed6d2ed10c884\"\u003e\u003ccode\u003ec163618\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to e46ed2c (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6661\"\u003e#6661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ec2bfbe0b2afb9d29725140b2d0350e47e23250d\"\u003e\u003ccode\u003eec2bfbe\u003c/code\u003e\u003c/a\u003e chore(configuration): move config generation scripts into the configuration p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/acc9ecd99591c054e9f3b9d9e36cbd4333bb1411\"\u003e\u003ccode\u003eacc9ecd\u003c/code\u003e\u003c/a\u003e chore(configuration): cosmetic changes to generated types.ts (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6663\"\u003e#6663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/8f008ece4ee20ad7ef55f673c208010ddb59f751\"\u003e\u003ccode\u003e8f008ec\u003c/code\u003e\u003c/a\u003e chore: Move inactive members to emeritus (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6649\"\u003e#6649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/435431e4705fd1fb45eec009a3f831b91e6673cd\"\u003e\u003ccode\u003e435431e\u003c/code\u003e\u003c/a\u003e fix(configuration): improve the technique for removing '| null' on types due ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/42220244e99c5ace5c2ac7365d232d3b9d1038b2\"\u003e\u003ccode\u003e4222024\u003c/code\u003e\u003c/a\u003e fix(configuration): improve handling of enums in generated types (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6659\"\u003e#6659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/compare/experimental/v0.54.2...experimental/v0.217.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​opentelemetry/sdk-node\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.4.12 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced asyn...\n\n_Description has been truncated_","html_url":"https://github.com/Sherlock999xxx/Flowise/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sherlock999xxx%2FFlowise/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"0.3.49","new_version":"0.3.87","update_type":"patch","path":null,"pr_created_at":"2026-05-24T08:01:28.000Z","version_change":"0.3.49 → 0.3.87","issue":{"uuid":"4510907615","node_id":"PR_kwDOPbma_s7evxYs","number":9,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T08:01:28.000Z","updated_at":"2026-05-24T08:03:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"langsmith","old_version":"0.3.49","new_version":"0.3.87","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"@hono/node-server","old_version":"1.17.1","new_version":"1.19.14","repository_url":"https://github.com/honojs/node-server"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"hono","old_version":"4.11.7","new_version":"4.12.22","repository_url":"https://github.com/honojs/hono"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"tar","old_version":"7.5.7","new_version":"7.5.15","repository_url":"https://github.com/isaacs/node-tar"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 9 updates in the /docs/_scripts/js_translation/codeblocks directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.49` | `0.3.87` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.17.1` | `1.19.14` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [hono](https://github.com/honojs/hono) | `4.11.7` | `4.12.22` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.15` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.7` | `7.5.15` |\n\nBumps the npm_and_yarn group with 2 updates in the /libs/cli/js-examples directory: [flatted](https://github.com/WebReflection/flatted) and [picomatch](https://github.com/micromatch/picomatch).\n\nUpdates `langsmith` from 0.3.49 to 0.3.87\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.17.1 to 1.19.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.14\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add custom inspect to lightweight Request/Response to prevent TypeError on console.log by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/340\"\u003ehonojs/node-server#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b5e63a366d9b0ef62ac65fcafd7f69b383b03ff5\"\u003e\u003ccode\u003eb5e63a3\u003c/code\u003e\u003c/a\u003e 1.19.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c02d7770a2d29ea473403211bef0a60639885a28\"\u003e\u003ccode\u003ec02d777\u003c/code\u003e\u003c/a\u003e fix: add custom inspect to lightweight Request/Response to prevent TypeError ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.17.1...v1.19.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.5.3 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.5.3...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.11.7 to 4.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: update vitest to v4 and cleanups by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4952\"\u003ehonojs/hono#4952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(mime): specify charset parameter per MIME type instead of mechanical detection by \u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(compress): respect Accept-Encoding when encoding option is set by \u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deno): echo negotiated WebSocket subprotocol in upgrade response by \u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add msgpack as a compressible content type by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.21...v4.12.22\"\u003ehttps://github.com/honojs/hono/compare/v4.12.21...v4.12.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.20\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(route): preserve the base path of the mounted route() app by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4942\"\u003ehonojs/hono#4942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(jsx): widen jsx and jsxFn children to Child[] by \u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.20\"\u003ehttps://github.com/honojs/hono/compare/v4.12.19...v4.12.20\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/2f01b774b168911d24e4864fb66054f5de9d9a4e\"\u003e\u003ccode\u003e2f01b77\u003c/code\u003e\u003c/a\u003e 4.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6bc0dff277684ee50ace6dc87a7ad73a9c131c99\"\u003e\u003ccode\u003e6bc0dff\u003c/code\u003e\u003c/a\u003e feat: add msgpack as a compressible content type (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4957\"\u003e#4957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7e0555d14c72d4204347ac9afaae32ba5c013ab9\"\u003e\u003ccode\u003e7e0555d\u003c/code\u003e\u003c/a\u003e fix(deno): echo negotiated WebSocket subprotocol in upgrade response (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f0ed2465913f2a89ebdf65cc54d6254915fc3ff6\"\u003e\u003ccode\u003ef0ed246\u003c/code\u003e\u003c/a\u003e fix(compress): respect Accept-Encoding when encoding option is set (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4951\"\u003e#4951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a192df0844724aeaf5cbc6f1ea2f8425d3f8a86a\"\u003e\u003ccode\u003ea192df0\u003c/code\u003e\u003c/a\u003e fix(mime): specify charset parameter per MIME type instead of mechanical dete...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/cf6ef7056a59acdc5cd2eacdca201147885d3e54\"\u003e\u003ccode\u003ecf6ef70\u003c/code\u003e\u003c/a\u003e chore: update vitest to v4 and cleanups (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4952\"\u003e#4952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a83ddb882e0c0b8c336050dba087bb2e1b12488e\"\u003e\u003ccode\u003ea83ddb8\u003c/code\u003e\u003c/a\u003e 4.12.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1\"\u003e\u003ccode\u003e6cbb025\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c831020fb1fa2e929d222f6c84e1abfe013e512b\"\u003e\u003ccode\u003ec831020\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/905aedbc20661e0e2fa378783a7ec44a5c3df43d\"\u003e\u003ccode\u003e905aedb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.11.7...v4.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.7 to 7.5.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/d6611ae951056addb77c6e11baf7bcc9d7648e46\"\u003e\u003ccode\u003ed6611ae\u003c/code\u003e\u003c/a\u003e 7.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/119c401f4f7efbeb112d28f9dfc9c489674c9a79\"\u003e\u003ccode\u003e119c401\u003c/code\u003e\u003c/a\u003e fix(extract): prevent raced symlink writes outside cwd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2a294d3fbb24c18dc80f31059f49dd9af15653fe\"\u003e\u003ccode\u003e2a294d3\u003c/code\u003e\u003c/a\u003e 7.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/01082a42c3256ca6054f9627911cce4dbfe00d92\"\u003e\u003ccode\u003e01082a4\u003c/code\u003e\u003c/a\u003e fix: reject top promise on floating addFilesAsync rejections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/dd1c36ab7acff26e5a34935d17f27a45bb088db3\"\u003e\u003ccode\u003edd1c36a\u003c/code\u003e\u003c/a\u003e linting\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GlacierEQ/langgraph/network/alerts).\n\n\u003c/details\u003e\n\n---\n\n🔧 This PR updates 9 npm dependencies across two directories to their latest versions, including security fixes and performance improvements. The updates span various packages from web frameworks (Hono) to utility libraries (flatted, picomatch) and build tools (PostCSS).\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Documentation Scripts**: Updated 9 packages in `/docs/_scripts/js_translation/codeblocks/yarn.lock` including major version bumps for Hono (4.11.7 → 4.12.22) and LangSmith (0.3.49 → 0.3.87)\n- **CLI Examples**: Updated 2 packages in `/libs/cli/js-examples/yarn.lock` with flatted and picomatch receiving the same security updates\n- **Security Fixes**: Multiple packages include critical security patches, particularly picomatch (CVE fixes) and flatted (CWE-1321 fix)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 9 Outdated Packages]\n    B --\u003e C[docs/_scripts/js_translation/codeblocks]\n    B --\u003e D[libs/cli/js-examples]\n    C --\u003e E[Update langsmith 0.3.49→0.3.87]\n    C --\u003e F[Update hono 4.11.7→4.12.22]\n    C --\u003e G[Update 7 other packages]\n    D --\u003e H[Update flatted \u0026 picomatch]\n    E --\u003e I[Security \u0026 Performance Improvements]\n    F --\u003e I\n    G --\u003e I\n    H --\u003e I\n```\n\n### Impact\n- **Security Enhancement**: Fixes multiple CVEs in picomatch and CWE-1321 in flatted, addressing potential security vulnerabilities\n- **Performance Improvements**: PostCSS parsing optimizations and Hono framework enhancements for better request handling\n- **Stability Updates**: Bug fixes across multiple packages including tar, minimatch, and fast-xml-parser for improved reliability\n- **Maintenance**: Keeps dependencies current with latest patches and reduces technical debt\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/langgraph/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Flanggraph/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"0.5.26","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-23T21:41:31.000Z","version_change":"0.5.26 → 0.7.2","issue":{"uuid":"4509682342","node_id":"PR_kwDOSL-hY87esQSX","number":80,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 17 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T21:41:31.000Z","updated_at":"2026-05-23T21:42:16.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"next","old_version":"16.2.4","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"axios","old_version":"1.15.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"ws","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"next","old_version":"15.5.15","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"qs","old_version":"6.15.1","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /apps/dex directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 2 updates in the /apps/inferstructor-dashboard directory: [axios](https://github.com/axios/axios) and [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /apps/wallet directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /apps/x3-desktop directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 2 updates in the /apps/x3-desktop/rag-bot directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 2 updates in the /apps/x3-intelligence directory: [ws](https://github.com/websockets/ws) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 2 updates in the /contracts/botchain-tri-vm-genesis/hardhat directory: [qs](https://github.com/ljharb/qs) and [fast-uri](https://github.com/fastify/fast-uri).\nBumps the npm_and_yarn group with 1 update in the /infra-structure/dashboard directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /infra-structure/services/blockchain-tps directory: [ws](https://github.com/websockets/ws) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /infra-structure/services/chain-db directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 2 updates in the /infra/blockchain-tps directory: [ws](https://github.com/websockets/ws) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /packages/blockchain-connector directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 2 updates in the /packages/polkawallet-plugin directory: [ws](https://github.com/websockets/ws) and [fast-uri](https://github.com/fastify/fast-uri).\nBumps the npm_and_yarn group with 1 update in the /scripts_infrastructure/coordinator directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /scripts_infrastructure/relayer directory: [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 1 update in the /scripts_infrastructure/testnet directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /x3fronend directory: [ws](https://github.com/websockets/ws).\n\nUpdates `next` from 16.2.4 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.4...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.15.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.20.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.5.15 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.4...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.19.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.0 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2381\"\u003elangchain-ai/langsmith-sdk#2381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): Convert JS release workflow to use OIDC by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2383\"\u003elangchain-ai/langsmith-sdk#2383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): run evaluations as examples complete by \u003ca href=\"https://github.com/bees\"\u003e\u003ccode\u003e@​bees\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2349\"\u003elangchain-ai/langsmith-sdk#2349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Restore default concurrency behavior for JS eval runner by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2385\"\u003elangchain-ai/langsmith-sdk#2385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js,py): Adds backcompat for old prompt cache API by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2386\"\u003elangchain-ai/langsmith-sdk#2386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add system message visibility to Anthropic wrapper traces by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2388\"\u003elangchain-ai/langsmith-sdk#2388\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.19.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.15.1 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com...\n\n_Description has been truncated_\n\n\u003c!-- RECURSEML_SUMMARY:START --\u003e\n## High-level PR Summary\nThis PR updates npm dependencies across 17 directories in a monorepo, primarily applying security patches for `next` (16.2.4→16.2.6 and 15.5.15→15.5.18), `axios` (1.15.0→1.15.2 and 1.16.0→1.16.1), `ws` (8.19.0/8.20.0→8.21.0), `langsmith` (0.5.26→0.7.2), `qs` (6.14.2/6.15.1→6.15.2), `express` (4.22.1→4.22.2), `body-parser` (1.20.4→1.20.5), and `fast-uri` (3.1.0→3.1.2). The updates address multiple high-severity security vulnerabilities including DoS attacks, middleware/proxy bypasses, XSS vulnerabilities, SSRF issues, prototype pollution, cache poisoning, and memory exhaustion bugs.\n\n⏱️ Estimated Review Time: 30-90 minutes\n\n\u003cdetails\u003e\n\u003csummary\u003e💡 Review Order Suggestion\u003c/summary\u003e\n\n| Order | File Path |\n|-------|-----------|\n| 1 | `apps/dex/package.json` |\n| 2 | `apps/dex/package-lock.json` |\n| 3 | `apps/wallet/package.json` |\n| 4 | `apps/wallet/package-lock.json` |\n| 5 | `apps/inferstructor-dashboard/package.json` |\n| 6 | `apps/inferstructor-dashboard/package-lock.json` |\n| 7 | `infra-structure/dashboard/package.json` |\n| 8 | `infra-structure/dashboard/package-lock.json` |\n| 9 | `apps/x3-desktop/package-lock.json` |\n| 10 | `apps/x3-desktop/rag-bot/package.json` |\n| 11 | `apps/x3-desktop/rag-bot/package-lock.json` |\n| 12 | `apps/x3-intelligence/package.json` |\n| 13 | `apps/x3-intelligence/package-lock.json` |\n| 14 | `infra-structure/services/blockchain-tps/package.json` |\n| 15 | `infra-structure/services/blockchain-tps/package-lock.json` |\n| 16 | `infra/blockchain-tps/package.json` |\n| 17 | `infra/blockchain-tps/package-lock.json` |\n| 18 | `infra-structure/services/chain-db/package.json` |\n| 19 | `infra-structure/services/chain-db/package-lock.json` |\n| 20 | `contracts/botchain-tri-vm-genesis/hardhat/package-lock.json` |\n| 21 | `packages/blockchain-connector/package.json` |\n| 22 | `packages/blockchain-connector/package-lock.json` |\n| 23 | `packages/polkawallet-plugin/package-lock.json` |\n| 24 | `scripts_infrastructure/coordinator/package.json` |\n| 25 | `scripts_infrastructure/coordinator/package-lock.json` |\n| 26 | `scripts_infrastructure/relayer/package.json` |\n| 27 | `scripts_infrastructure/relayer/package-lock.json` |\n| 28 | `scripts_infrastructure/testnet/package-lock.json` |\n| 29 | `x3fronend/package-lock.json` |\n| 30 | `packages/ts-sdk/package.json` |\n| 31 | `packages/ts-sdk/package-lock.json` |\n\u003c/details\u003e\n\n\n\n[![Need help? Join our Discord](https://img.shields.io/badge/Need%20help%3F%20Join%20our%20Discord-5865F2?style=plastic\u0026logo=discord\u0026logoColor=white)](https://discord.gg/n3SsVDAW6U)\n\n\u003c!-- RECURSEML_SUMMARY:END --\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across apps and services to pick up security patches and stability fixes. This updates `next`, `axios`, `express`/`body-parser`, `ws`, `qs`, and `fast-uri` with no app code changes.\n\n- **Dependencies**\n  - `next`: `apps/dex` 16.2.4 → 16.2.6; `apps/wallet` 15.1.6 → 15.5.18 (security fixes and bug patches).\n  - `axios`: dashboards 1.15.0 → 1.15.2; `packages/ts-sdk` and Hardhat 1.16.0 → 1.16.1 (header/SSRF hardening, keep‑alive leak fix).\n  - `express` and `body-parser`: services updated to `express` 4.22.2 and `body-parser` 1.20.5 (latest patches).\n  - `ws`: bumped to 8.21.0 where used (DoS mitigation; adds `maxBufferedChunks`/`maxFragments`).\n  - `qs`: upgraded to 6.15.2 (parse/stringify fixes).\n  - `fast-uri`: upgraded to 3.1.2 (minor fixes).\n\n\u003csup\u003eWritten for commit 0dea9450fa738ad90d29b8edc1d82d82abc96d89. Summary will update on new commits. \u003ca href=\"https://cubic.dev/pr/Cyptopimpinainteazy/x3-atomic-star/pull/80?utm_source=github\"\u003eReview in cubic\u003c/a\u003e\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Cyptopimpinainteazy/x3-atomic-star/pull/80","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cyptopimpinainteazy%2Fx3-atomic-star/issues/80","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/80/packages"}},{"old_version":"0.3.37","new_version":"0.6.0","update_type":"minor","path":null,"pr_created_at":"2026-05-23T10:31:29.000Z","version_change":"0.3.37 → 0.6.0","issue":{"uuid":"4507783156","node_id":"PR_kwDOPbm3Xs7emcNh","number":10,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 5 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T10:31:29.000Z","updated_at":"2026-05-23T10:36:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@hono/node-server","old_version":"1.14.4","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"hono","old_version":"4.12.0","new_version":"4.12.18","repository_url":"https://github.com/honojs/hono"},{"name":"langsmith","old_version":"0.3.37","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"tar","old_version":"7.5.9","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"2.8.0","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"axios","old_version":"1.13.5","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"defu","old_version":"6.1.4","new_version":"6.1.7","repository_url":"https://github.com/unjs/defu"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.3","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"protobufjs","old_version":"6.11.4","new_version":"6.11.6","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.14.4` | `1.19.13` |\n| [hono](https://github.com/honojs/hono) | `4.12.0` | `4.12.18` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.37` | `0.6.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.9` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `2.8.0` | `2.8.3` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.16.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [defu](https://github.com/unjs/defu) | `6.1.4` | `6.1.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.3` | `8.5.15` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `6.11.4` | `6.11.6` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n\nBumps the npm_and_yarn group with 1 update in the /environment_tests/test-exports-vercel directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 2 updates in the /libs/langgraph-api directory: [uuid](https://github.com/uuidjs/uuid) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /libs/langgraph-cli directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 1 update in the /libs/sdk directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.14.4 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Fix for hono issue 4563 - incorrect content-length after following symlink by \u003ca href=\"https://github.com/tshmieldev\"\u003e\u003ccode\u003e@​tshmieldev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/290\"\u003ehonojs/node-server#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/455015be1697dd89974a68b70350ea7b2d126d2e\"\u003e\u003ccode\u003e455015b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cc05c48d8eb34007d5d5ff3861ea554721387041\"\u003e\u003ccode\u003ecc05c48\u003c/code\u003e\u003c/a\u003e chore: add benchmark for comparing with npm and local (dev) (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/305\"\u003e#305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.14.4...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.12.0 to 4.12.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.18\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eCache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage\u003c/h3\u003e\n\u003cp\u003eAffects: Cache Middleware. Fixes missing cache-skip handling for \u003ccode\u003eVary: Authorization\u003c/code\u003e and \u003ccode\u003eVary: Cookie\u003c/code\u003e, where a response cached for one authenticated user could be served to other users. GHSA-p77w-8qqv-26rm\u003c/p\u003e\n\u003ch3\u003eCSS Declaration Injection via Style Object Values in JSX SSR\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes a missing CSS-context escape for \u003ccode\u003estyle\u003c/code\u003e object values and property names, where untrusted input could inject additional CSS declarations. The impact is limited to CSS and does not allow JavaScript execution. GHSA-qp7p-654g-cw7p\u003c/p\u003e\n\u003ch3\u003eImproper validation of NumericDate claims (exp, nbf, iat) in JWT verify()\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/utils/jwt\u003c/code\u003e. Fixes improper validation of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003enbf\u003c/code\u003e, and \u003ccode\u003eiat\u003c/code\u003e claims, where falsy, non-finite, or non-numeric values could silently bypass time-based checks instead of being rejected per RFC 7519. GHSA-hm8q-7f3q-5f36\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use the JWT helper, hono/jsx, or the Cache middleware are strongly encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.17\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jsx): normalize SVG attributes on the \u003c!-- raw HTML omitted --\u003e root element by \u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e by \u003ca href=\"https://github.com/yuintei\"\u003e\u003ccode\u003e@​yuintei\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4899\"\u003ehonojs/hono#4899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cors): make origin optional in CORSOptions by \u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(types): propagate middleware response types to app.on overloads by \u003ca href=\"https://github.com/T4ko0522\"\u003e\u003ccode\u003e@​T4ko0522\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4906\"\u003ehonojs/hono#4906\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.16...v4.12.17\"\u003ehttps://github.com/honojs/hono/compare/v4.12.16...v4.12.17\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.16\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eUnvalidated JSX Tag Names in hono/jsx May Allow HTML Injection\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes missing validation of JSX tag names when using \u003ccode\u003ejsx()\u003c/code\u003e or \u003ccode\u003ecreateElement()\u003c/code\u003e, which could allow HTML injection if untrusted input is used as the tag name. GHSA-69xw-7hcm-h432\u003c/p\u003e\n\u003ch3\u003ebodyLimit() can be bypassed for chunked / unknown-length requests\u003c/h3\u003e\n\u003cp\u003eAffects: Body Limit Middleware. Fixes late enforcement for request bodies without a reliable Content-Length (e.g. chunked requests), where oversized requests could reach handlers and return successful responses before being rejected. GHSA-9vqf-7f2p-gf9v\u003c/p\u003e\n\u003ch2\u003ev4.12.15\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jwt): support single-line PEM keys by \u003ca href=\"https://github.com/hiendv\"\u003e\u003ccode\u003e@​hiendv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4889\"\u003ehonojs/hono#4889\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f10dee89ced5956b73c1cdc416d6bc0fd54d63b7\"\u003e\u003ccode\u003ef10dee8\u003c/code\u003e\u003c/a\u003e 4.12.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a5bd9ebead279ed9d0239ecbd854f629edfc0e57\"\u003e\u003ccode\u003ea5bd9eb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/58d3d3ad5656e007ed99da1b73865975952de5e9\"\u003e\u003ccode\u003e58d3d3a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/568c2ecc1dd556894fad4dfa4a7ba499db6dba9c\"\u003e\u003ccode\u003e568c2ec\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/ff2b3d31df1be35f7d597a95dd3369402b6e87f2\"\u003e\u003ccode\u003eff2b3d3\u003c/code\u003e\u003c/a\u003e 4.12.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/52aaaf9714b06303ce5caa655b1d80675be687e9\"\u003e\u003ccode\u003e52aaaf9\u003c/code\u003e\u003c/a\u003e fix(types): propagate middleware response types to app.on overloads (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4906\"\u003e#4906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/76d5589e9b0569f4e74ec37e8dd6979455f70dfa\"\u003e\u003ccode\u003e76d5589\u003c/code\u003e\u003c/a\u003e fix(cors): make origin optional in CORSOptions (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4905\"\u003e#4905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/8f027e5574e91e3c7f263a728656e3888559e51a\"\u003e\u003ccode\u003e8f027e5\u003c/code\u003e\u003c/a\u003e fix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4899\"\u003e#4899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/bfba97ca7ea3d4541a3419f1749e5a1a3e8f1727\"\u003e\u003ccode\u003ebfba97c\u003c/code\u003e\u003c/a\u003e fix(jsx): normalize SVG attributes on the \u0026lt;svg\u0026gt; root element (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4893\"\u003e#4893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/90d4182aabd328e2ec6af3f25ec62ddc574ad8cb\"\u003e\u003ccode\u003e90d4182\u003c/code\u003e\u003c/a\u003e 4.12.16\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.0...v4.12.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.3.37 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced async iterators call finally on success by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2230\"\u003elangchain-ai/langsmith-sdk#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.4.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2231\"\u003elangchain-ai/langsmith-sdk#2231\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/71b71893b45953b9f339bc62a8037469da4fc914\"\u003e\u003ccode\u003e71b7189\u003c/code\u003e\u003c/a\u003e feat(python): Bump pydantic to v2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1482c9c3f689680e448da66e75c377a8f5bb00ae\"\u003e\u003ccode\u003e1482c9c\u003c/code\u003e\u003c/a\u003e feat: add prompt cache back and setup environment tests (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3ebe56bd56c16616945e7bf9d6860c2c42f1a782\"\u003e\u003ccode\u003e3ebe56b\u003c/code\u003e\u003c/a\u003e release(js): bump to 0.4.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2259\"\u003e#2259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8b87f144ef5d2c6a5b3e9bf3f86ba49ca571f198\"\u003e\u003ccode\u003e8b87f14\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/43335d5ac9eda253671b0300e38b248e35882f30\"\u003e\u003ccode\u003e43335d5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: add js prompt caching\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ae71b5e7cdc44a8868b8d4de8696bd6b3c70f1ac\"\u003e\u003ccode\u003eae71b5e\u003c/code\u003e\u003c/a\u003e chore(js): bump JS to 0.4.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2253\"\u003e#2253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/9fd842cf020d4825a34ce4bf6aa7d678e6813e34\"\u003e\u003ccode\u003e9fd842c\u003c/code\u003e\u003c/a\u003e bump(python): 0.5.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2256\"\u003e#2256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8fd1283fcf7d0f284f36287ac9975b2ca8661f9a\"\u003e\u003ccode\u003e8fd1283\u003c/code\u003e\u003c/a\u003e fix(claude): correctly parse llm and tool inputs in claude agent sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/2903578ef415dd785b95dc9cce95c1ba2f8f4f23\"\u003e\u003ccode\u003e2903578\u003c/code\u003e\u003c/a\u003e feat: add js prompt caching (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2251\"\u003e#2251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3f1d68058251de9e4204c7b9d5c65729dce401eb\"\u003e\u003ccode\u003e3f1d680\u003c/code\u003e\u003c/a\u003e feat: add prompt caching to python sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2246\"\u003e#2246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.3.37...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.9 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.9...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yaml` from 2.8.0 to 2.8.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eemeli/yaml/releases\"\u003eyaml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.8.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003etrailingComma\u003c/code\u003e ToString option for multiline flow formatting (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCatch stack overflow during node composition (1e84ebb)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSerialize -0 as -0 (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/638\"\u003e#638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not double newlines for empty map values (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/642\"\u003e#642\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve empty block literals (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/634\"\u003e#634\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/ce14587484822bffb0f7d31aefedcaf2dc0d0387\"\u003e\u003ccode\u003ece14587\u003c/code\u003e\u003c/a\u003e 2.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/1e84ebbea7ec35011a4c61bbb820a529ee4f359b\"\u003e\u003ccode\u003e1e84ebb\u003c/code\u003e\u003c/a\u003e fix: Catch stack overflow during node composition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/6b24090280eaaab5040112bba41ccef57f39c2d5\"\u003e\u003ccode\u003e6b24090\u003c/code\u003e\u003c/a\u003e ci: Include Prettier check in lint action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/9424dee38c85163fad53ac27533c7c4bdaf7495d\"\u003e\u003ccode\u003e9424dee\u003c/code\u003e\u003c/a\u003e chore: Refresh lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/d1aca82bc15a4c261bdc58561d32189a5d3a45ef\"\u003e\u003ccode\u003ed1aca82\u003c/code\u003e\u003c/a\u003e Add trailingComma ToString option for multiline flow formatting (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/43215099f7fcdac422d778c15e70d83c691b0e41\"\u003e\u003ccode\u003e4321509\u003c/code\u003e\u003c/a\u003e ci: Drop the branch filter from GitHub PR actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/47207d0fc7d4f863cd5fbdcff1378637bd93e847\"\u003e\u003ccode\u003e47207d0\u003c/code\u003e\u003c/a\u003e chore: Update docs-slate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/5212faeed5936d1fa291d2f28672e4a96e2c2c5d\"\u003e\u003ccode\u003e5212fae\u003c/code\u003e\u003c/a\u003e chore: Update docs-slate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/086fa6b5bae325da18734750cddee231ce578930\"\u003e\u003ccode\u003e086fa6b\u003c/code\u003e\u003c/a\u003e 2.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/95f01e98032ddf199b42bb3ba0737303b35ef752\"\u003e\u003ccode\u003e95f01e9\u003c/code\u003e\u003c/a\u003e chore: Add funding to package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eemeli/yaml/compare/v2.8.0...v2.8.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `defu` from 6.1.4 to 6.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/releases\"\u003edefu's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExport Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://github.com/J-Michalek\"\u003e\u003ccode\u003e@​J-Michalek\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.6\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.5...v6.1.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mixed types (\u003ca href=\"https://github.com/unjs/defu/commit/407b516\"\u003e407b516\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.5\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.4...v6.1.5\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent prototype pollution via \u003ccode\u003e__proto__\u003c/code\u003e in defaults (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/156\"\u003e#156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore inherited enumerable properties (\u003ca href=\"https://github.com/unjs/defu/commit/11ba022\"\u003e11ba022\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more tests for plain objects (\u003ca href=\"https://github.com/unjs/defu/commit/b65f603\"\u003eb65f603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePooya Parsa (\u003ca href=\"https://github.com/pi0\"\u003e\u003ccode\u003e@​pi0\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKricsleo (\u003ca href=\"https://github.com/kricsleo\"\u003e\u003ccode\u003e@​kricsleo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/unjs/defu/blob/main/CHANGELOG.md\"\u003edefu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/unjs/defu/compare/v6.1.6...v6.1.7\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edefu.d.cts:\u003c/strong\u003e Export Defu types (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/157\"\u003e#157\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📦 Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the \u003ccode\u003etypes\u003c/code\u003e export entry (\u003ca href=\"https://redirect.github.com/unjs/defu/pull/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eJakub Michálek (\u003ca href=\"https://githu...\n\n_Description has been truncated_\n\n---\n\n🔧 This PR updates 19 npm dependencies across 5 directories in the LangGraph project, including major version bumps for uuid (9.0.1→14.0.0), langsmith (0.3.x→0.7.2), and several security-focused updates for hono, axios, and other packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **UUID Library**: Major version upgrade from 9.0.1/10.0.0 to 14.0.0 across 8 packages, introducing Node.js 20+ requirement and security fixes\n- **LangSmith SDK**: Updated from 0.3.x to 0.7.2 in langgraph-api and langgraph-cli, adding AI SDK 6 support and prompt caching features\n- **Hono Framework**: Security updates from 4.12.0 to 4.12.18 fixing cache middleware vulnerabilities, JSX injection issues, and JWT validation problems\n- **Next.js**: Minor update from 15.5.10 to 15.5.18 in test environment\n- **Security Dependencies**: Multiple packages updated with security fixes including axios (prototype pollution), basic-ftp (control character injection), and others\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 19 Updates]\n    B --\u003e C[UUID v14.0.0]\n    B --\u003e D[LangSmith v0.7.2]\n    B --\u003e E[Hono v4.12.18]\n    B --\u003e F[Security Patches]\n    \n    C --\u003e G[Breaking: Node 20+ Required]\n    C --\u003e H[Security: Buffer Validation]\n    \n    D --\u003e I[AI SDK 6 Support]\n    D --\u003e J[Prompt Caching]\n    \n    E --\u003e K[Cache Middleware Fix]\n    E --\u003e L[JSX Security Fix]\n    E --\u003e M[JWT Validation Fix]\n    \n    F --\u003e N[Axios Prototype Pollution]\n    F --\u003e O[Basic-FTP Control Injection]\n```\n\n### Impact\n- **Security Enhancement**: Multiple critical security vulnerabilities addressed across the dependency chain, particularly in web frameworks and HTTP clients\n- **Node.js Compatibility**: Breaking change requiring Node.js 20+ due to UUID library update, but provides better performance and security\n- **Feature Additions**: New capabilities in LangSmith SDK including AI SDK 6 support and prompt caching functionality\n- **Maintenance**: Routine updates to build tools, testing frameworks, and utility libraries ensuring continued compatibility and performance\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/langgraphjs/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Flanggraphjs/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"0.3.87","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-23T08:42:26.000Z","version_change":"0.3.87 → 0.7.2","issue":{"uuid":"4507528590","node_id":"PR_kwDORmaros7elq-C","number":39,"state":"closed","title":"Bump the npm_and_yarn group across 29 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-23T08:43:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T08:42:26.000Z","updated_at":"2026-05-23T08:43:33.000Z","time_to_close":65,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"langsmith","old_version":"0.3.87","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"axios","old_version":"1.13.6","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.13.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the /skills/abhayjb/mem0 directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/al1enjesus/polyclawster directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/asgherali/usd1 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/autogame-17/feishu-doc directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/autogame-17/feishu-post directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/brianleach/metra directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/brianleach/mta directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/cuongdcdev/near-intents directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/homeofe/clawhub-scanner directory: [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 1 update in the /skills/homeofe/openclaw-docker directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/jefdiesel/clawphunks directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /skills/josephrp/autonomous directory: [axios](https://github.com/axios/axios) and [langsmith](https://github.com/langchain-ai/langsmith-sdk).\nBumps the npm_and_yarn group with 2 updates in the /skills/jvsteiner/unimarket directory: [axios](https://github.com/axios/axios) and [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p).\nBumps the npm_and_yarn group with 3 updates in the /skills/koatora20/guard-scanner directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [axios](https://github.com/axios/axios) and [openclaw](https://github.com/openclaw/openclaw).\nBumps the npm_and_yarn group with 1 update in the /skills/krunkosaurus/sogni-gen directory: [js-cookie](https://github.com/js-cookie/js-cookie).\nBumps the npm_and_yarn group with 3 updates in the /skills/licc921/safelink directory: [axios](https://github.com/axios/axios), [protobufjs](https://github.com/protobufjs/protobuf.js) and [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p).\nBumps the npm_and_yarn group with 1 update in the /skills/lkocaj/leadflow directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/lucasygu/ttc directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/mohibshaikh/clawvet directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 2 updates in the /skills/sieyer/mem0-1-0-0 directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/silostack/silk directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/silostack/silkyway directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /skills/sumeetghimire/safehub directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /skills/tjamescouch/agentchat directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /skills/topguyaii/hub1 directory: [axios](https://github.com/axios/axios) and [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /skills/w3h9uf/hashbox-plugin directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /skills/wkyleg/bitchat directory: [protobufjs](https://github.com/protobufjs/protobuf.js) and [openclaw](https://github.com/openclaw/openclaw).\nBumps the npm_and_yarn group with 3 updates in the /skills/xray2016/openclaw-mem0 directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk), [protobufjs](https://github.com/protobufjs/protobuf.js) and [openclaw](https://github.com/openclaw/openclaw).\nBumps the npm_and_yarn group with 3 updates in the /skills/xucheng/openclaw-onebot directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [axios](https://github.com/axios/axios) and [openclaw](https://github.com/openclaw/openclaw).\n\nUpdates `langsmith` from 0.3.87 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2389\"\u003elangchain-ai/langsmith-sdk#2389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove \u003ca href=\"https://github.com/internal\"\u003e\u003ccode\u003e@​internal\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2391\"\u003elangchain-ai/langsmith-sdk#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2392\"\u003elangchain-ai/langsmith-sdk#2392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump openai from 5.8.2 to 6.18.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2378\"\u003elangchain-ai/langsmith-sdk#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump cross-env from 7.0.3 to 10.1.0 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2379\"\u003elangchain-ai/langsmith-sdk#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2376\"\u003elangchain-ai/langsmith-sdk#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump node-fetch from 2.7.0 to 3.3.2 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2380\"\u003elangchain-ai/langsmith-sdk#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGoogle ADK LangSmith tracing enhancements by \u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update dependabot.yml to comply with posture checks by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2393\"\u003elangchain-ai/langsmith-sdk#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump cryptography from 46.0.3 to 46.0.5 in /python in the uv group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2397\"\u003elangchain-ai/langsmith-sdk#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump the js-minor-and-patch group in /js with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2398\"\u003elangchain-ai/langsmith-sdk#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 in /js by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2399\"\u003elangchain-ai/langsmith-sdk#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump packaging from 25.0 to 26.0 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2403\"\u003elangchain-ai/langsmith-sdk#2403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pytest from 8.4.2 to 9.0.2 in /python by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2405\"\u003elangchain-ai/langsmith-sdk#2405\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the py-minor-and-patch group across 1 directory with 20 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2406\"\u003elangchain-ai/langsmith-sdk#2406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Log Vitest/Jest outputs even if test throws an error by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2408\"\u003elangchain-ai/langsmith-sdk#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove async by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2409\"\u003elangchain-ai/langsmith-sdk#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.3 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2410\"\u003elangchain-ai/langsmith-sdk#2410\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignoring p-queue dep by \u003ca href=\"https://github.com/jkennedyvz\"\u003e\u003ccode\u003e@​jkennedyvz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2414\"\u003elangchain-ai/langsmith-sdk#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add on_start handler for traceable, use in evaluate by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2421\"\u003elangchain-ai/langsmith-sdk#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.5.4 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2422\"\u003elangchain-ai/langsmith-sdk#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add feedback config CRUD and annotation queue rubric items (closes LSPE-67) by \u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2419\"\u003elangchain-ai/langsmith-sdk#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): add exceptions_to_handle to \u003ca href=\"https://github.com/traceable\"\u003e\u003ccode\u003e@​traceable\u003c/code\u003e\u003c/a\u003e by \u003ca href=\"https://github.com/QuentinBrosse\"\u003e\u003ccode\u003e@​QuentinBrosse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2423\"\u003elangchain-ai/langsmith-sdk#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.2 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2426\"\u003elangchain-ai/langsmith-sdk#2426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/j-broekhuizen\"\u003e\u003ccode\u003e@​j-broekhuizen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2394\"\u003elangchain-ai/langsmith-sdk#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bentanny\"\u003e\u003ccode\u003e@​bentanny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2420\"\u003elangchain-ai/langsmith-sdk#2420\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease(js): 0.5.0 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2381\"\u003elangchain-ai/langsmith-sdk#2381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): Convert JS release workflow to use OIDC by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2383\"\u003elangchain-ai/langsmith-sdk#2383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): run evaluations as examples complete by \u003ca href=\"https://github.com/bees\"\u003e\u003ccode\u003e@​bees\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2349\"\u003elangchain-ai/langsmith-sdk#2349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Restore default concurrency behavior for JS eval runner by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2385\"\u003elangchain-ai/langsmith-sdk#2385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js,py): Adds backcompat for old prompt cache API by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2386\"\u003elangchain-ai/langsmith-sdk#2386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Add system message visibility to Anthropic wrapper traces by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(py): 0.7.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2388\"\u003elangchain-ai/langsmith-sdk#2388\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2375\"\u003elangchain-ai/langsmith-sdk#2375\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f0b50d2fa1247d6652618190c2d6602e6830b90d\"\u003e\u003ccode\u003ef0b50d2\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2268\"\u003e#2268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e\u003ccode\u003e8a45c13\u003c/code\u003e\u003c/a\u003e fix: Backport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e\u003ccode\u003e479dfdc\u003c/code\u003e\u003c/a\u003e fix: Treat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.6 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.1/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href...\n\n_Description has been truncated_","html_url":"https://github.com/kriptoburak/skills-2/pull/39","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kriptoburak%2Fskills-2/issues/39","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/39/packages"}},{"old_version":"0.4.12","new_version":"0.6.0","update_type":"minor","path":null,"pr_created_at":"2026-05-23T04:01:50.000Z","version_change":"0.4.12 → 0.6.0","issue":{"uuid":"4506759367","node_id":"PR_kwDORpILzM7ejRvi","number":1,"state":"open","title":"chore(deps): Bump the npm_and_yarn group across 1 directory with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T04:01:50.000Z","updated_at":"2026-05-23T04:02:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"turbo","old_version":"2.8.9","new_version":"2.9.14","repository_url":"https://github.com/vercel/turborepo"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"samlify","old_version":"2.10.0","new_version":"2.13.0","repository_url":"https://github.com/tngan/samlify"},{"name":"ws","old_version":"8.17.1","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"langsmith","old_version":"0.4.12","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"postcss","old_version":"8.4.49","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.32.3","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"uuid","old_version":"10.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"vm2","old_version":"3.10.5","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [turbo](https://github.com/vercel/turborepo) | `2.8.9` | `2.9.14` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [ws](https://github.com/websockets/ws) | `8.17.1` | `8.20.1` |\n| [qs](https://github.com/ljharb/qs) | `6.14.2` | `6.15.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.4.12` | `0.6.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.49` | `8.5.10` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.32.3` | `3.36.0` |\n| [uuid](https://github.com/uuidjs/uuid) | `10.0.0` | `14.0.0` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.10.5` | `3.11.3` |\n\n\nUpdates `turbo` from 2.8.9 to 2.9.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains important security fixes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eHigh:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm\"\u003eGHSA-5xc8-49mv-x4mm: Turborepo VSCode Extension command injection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eLow:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r\"\u003eGHSA-hcf7-66rw-9f5r: Login callback CSRF/session fixation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726\"\u003eGHSA-3qcw-2rhx-2726: Unexpected local code execution during Yarn Berry detection\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Release 2.9.13 by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12803\"\u003evercel/turborepo#12803\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.12...v2.9.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eTurborepo v2.9.13-canary.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.11-canary.7 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12768\"\u003evercel/turborepo#12768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow \u003ccode\u003e$TURBO_EXTENDS$\u003c/code\u003e in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12770\"\u003evercel/turborepo#12770\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.11 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12771\"\u003evercel/turborepo#12771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Allow transit nodes in LSP diagnostics by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12773\"\u003evercel/turborepo#12773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.12 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12774\"\u003evercel/turborepo#12774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Restore docs mobile menu by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12782\"\u003evercel/turborepo#12782\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12787\"\u003evercel/turborepo#12787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Scope GitHub Actions caches by branch by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12788\"\u003evercel/turborepo#12788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Validate lockfiles without dependency downloads by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12789\"\u003evercel/turborepo#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unneeded import form hash creation script in docs by \u003ca href=\"https://github.com/dancrumb\"\u003e\u003ccode\u003e@​dancrumb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12799\"\u003evercel/turborepo#12799\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate auth callback state by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12802\"\u003evercel/turborepo#12802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden VS Code extension command execution by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12800\"\u003evercel/turborepo#12800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Avoid project-local Yarn during detection by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12801\"\u003evercel/turborepo#12801\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fc62fe0d9c347d1d24f0ed8946284856593ddb93\"\u003e\u003ccode\u003efc62fe0\u003c/code\u003e\u003c/a\u003e publish 2.9.14 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/fb8c9aec0f9e83f95783659a5ce9c4478cf62cb9\"\u003e\u003ccode\u003efb8c9ae\u003c/code\u003e\u003c/a\u003e chore: Release 2.9.13 (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12803\"\u003e#12803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/e8e629da4e1fb75231089e91b19be9d327a3e649\"\u003e\u003ccode\u003ee8e629d\u003c/code\u003e\u003c/a\u003e fix: Avoid project-local Yarn during detection (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12801\"\u003e#12801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/91c90cbf12f524c5c29b713d6472dd5fcdecb309\"\u003e\u003ccode\u003e91c90cb\u003c/code\u003e\u003c/a\u003e fix: Harden VS Code extension command execution (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12800\"\u003e#12800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/84f450894e87da1eed864d51f6f637f26980d560\"\u003e\u003ccode\u003e84f4508\u003c/code\u003e\u003c/a\u003e fix: Validate auth callback state (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/1779ad7901384f106236a6e196059e4929745514\"\u003e\u003ccode\u003e1779ad7\u003c/code\u003e\u003c/a\u003e Removed unneeded import form hash creation script in docs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12799\"\u003e#12799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/71f8c90a807ffb9b9876ea8a04f523f473bf5c8d\"\u003e\u003ccode\u003e71f8c90\u003c/code\u003e\u003c/a\u003e test: Validate lockfiles without dependency downloads (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/5fcb96024d503127bb0ed760ebe159b7716c52b3\"\u003e\u003ccode\u003e5fcb960\u003c/code\u003e\u003c/a\u003e ci: Scope GitHub Actions caches by branch (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12788\"\u003e#12788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/4cf9fabc9a6f6c99fe4e2f2da9f35be631be062a\"\u003e\u003ccode\u003e4cf9fab\u003c/code\u003e\u003c/a\u003e ci: Use \u003ccode\u003epull_request\u003c/code\u003e for PR title linting (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12787\"\u003e#12787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/859c629bc401f239ac7980a132746ca90478e17c\"\u003e\u003ccode\u003e859c629\u003c/code\u003e\u003c/a\u003e fix: Restore docs mobile menu (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/12782\"\u003e#12782\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.8.9...v2.9.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `samlify` from 2.10.0 to 2.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tngan/samlify/releases\"\u003esamlify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.11 to 0.8.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/603\"\u003etngan/samlify#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/605\"\u003etngan/samlify#605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/606\"\u003etngan/samlify#606\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject promises with Error instances, not raw strings (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/581\"\u003e#581\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/607\"\u003etngan/samlify#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support simpleSign binding for logout request/response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/584\"\u003e#584\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/608\"\u003etngan/samlify#608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: correct the parseResult example in saml-response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/518\"\u003e#518\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/609\"\u003etngan/samlify#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify that wantMessageSigned and signatureConfig are SP options (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/516\"\u003e#516\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/610\"\u003etngan/samlify#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRFC-0001: introduce .skills/ and mandatory SAML 2.0 spec citation workflow by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/611\"\u003etngan/samlify#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request relayState for login + logout (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/163\"\u003e#163\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/612\"\u003etngan/samlify#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: 2026-04 audit — patch vite, fix XXE bypass, reject unknown sig algs by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/613\"\u003etngan/samlify#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: omit AuthnRequest attributes whose value is null/undefined (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/455\"\u003e#455\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/614\"\u003etngan/samlify#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pass SessionIndex through createLogoutRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/615\"\u003etngan/samlify#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: throw a clear error when redirect binding has no SSO/SLO endpoint (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/308\"\u003e#308\u003c/a\u003e \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/405\"\u003e#405\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/617\"\u003etngan/samlify#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLAG (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/453\"\u003e#453\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/616\"\u003etngan/samlify#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/454\"\u003e#454\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/619\"\u003etngan/samlify#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/618\"\u003etngan/samlify#618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/620\"\u003etngan/samlify#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/621\"\u003etngan/samlify#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/622\"\u003etngan/samlify#622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/625\"\u003etngan/samlify#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request AssertionConsumerServiceIndex for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/437\"\u003e#437\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/623\"\u003etngan/samlify#623\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity Audit\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/tngan/samlify/security/advisories/GHSA-34r5-q4jw-r36m\"\u003ehttps://github.com/tngan/samlify/security/advisories/GHSA-34r5-q4jw-r36m\u003c/a\u003e (credit to \u003ca href=\"https://github.com/RootUp\"\u003e\u003ccode\u003e@​RootUp\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tngan/samlify/compare/v2.12.0...v2.13.0\"\u003ehttps://github.com/tngan/samlify/compare/v2.12.0...v2.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.12.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: security audit - XPath injection, XXE protection, dependency update \u003ca href=\"https://github.com/tngan/samlify/commit/ab87376e9e8df4faea21995d99c6821bc7f6898e\"\u003ehttps://github.com/tngan/samlify/commit/ab87376e9e8df4faea21995d99c6821bc7f6898e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: maintain the commonjs build and remove camel case lib import by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/601\"\u003etngan/samlify#601\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tngan/samlify/compare/v2.11.0...v2.12.0\"\u003ehttps://github.com/tngan/samlify/compare/v2.11.0...v2.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Replace node-forge with Node.js native crypto by \u003ca href=\"https://github.com/simplyluke\"\u003e\u003ccode\u003e@​simplyluke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/598\"\u003etngan/samlify#598\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump rollup from 4.53.2 to 4.59.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/597\"\u003etngan/samlify#597\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/596\"\u003etngan/samlify#596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump preact from 10.27.2 to 10.28.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/593\"\u003etngan/samlify#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump mdast-util-to-hast from 13.2.0 to 13.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/589\"\u003etngan/samlify#589\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/simplyluke\"\u003e\u003ccode\u003e@​simplyluke\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/598\"\u003etngan/samlify#598\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tngan/samlify/compare/v2.10.2...v2.11.0\"\u003ehttps://github.com/tngan/samlify/compare/v2.10.2...v2.11.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/3230b2b9193654d3090b4c10d8f4be866b8c2351\"\u003e\u003ccode\u003e3230b2b\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/b37a65ce9959c8f3d85a71d22d82eaaac0ef66cb\"\u003e\u003ccode\u003eb37a65c\u003c/code\u003e\u003c/a\u003e fix: escape XML element text in replaceTagsByValue to prevent SAML attribute ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/0235cab01f0a1602ffac89ce28f4e253aace2ff5\"\u003e\u003ccode\u003e0235cab\u003c/code\u003e\u003c/a\u003e feat: per-request AssertionConsumerServiceIndex for createLoginRequest (close...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/a3910b16388d80b76ffc301d6afcc9c6cc640366\"\u003e\u003ccode\u003ea3910b1\u003c/code\u003e\u003c/a\u003e feat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/625\"\u003e#625\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/8f1cc8bf2127eddea7108e3c41ca4086da041574\"\u003e\u003ccode\u003e8f1cc8b\u003c/code\u003e\u003c/a\u003e feat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/622\"\u003e#622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/c393d8108428eaaedda54359a76688124067c950\"\u003e\u003ccode\u003ec393d81\u003c/code\u003e\u003c/a\u003e fix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e)...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/ee738cc9af8515a3d6ae926610382e39853a2b82\"\u003e\u003ccode\u003eee738cc\u003c/code\u003e\u003c/a\u003e feat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e)...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/1c2b9fa8ac23b6ff159c8d7ab2c946c718ec4af5\"\u003e\u003ccode\u003e1c2b9fa\u003c/code\u003e\u003c/a\u003e feat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/803acc17e327a32695750b4f8d60e5cfebfad9cb\"\u003e\u003ccode\u003e803acc1\u003c/code\u003e\u003c/a\u003e fix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/4\"\u003e#4\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tngan/samlify/commit/3ee2bc66aabca5e81d7b063948788a36e0976653\"\u003e\u003ccode\u003e3ee2bc6\u003c/code\u003e\u003c/a\u003e fix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLA...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tngan/samlify/compare/v2.10.0...v2.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.17.1 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.17.1...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.14.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.4.12 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced async iterators call finally on success by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2230\"\u003elangchain-ai/langsmith-sdk#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.4.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2231\"\u003elangchain-ai/langsmith-sdk#2231\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/71b71893b45953b9f339bc62a8037469da4fc914\"\u003e\u003ccode\u003e71b7189\u003c/code\u003e\u003c/a\u003e feat(python): Bump pydantic to v2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1482c9c3f689680e448da66e75c377a8f5bb00ae\"\u003e\u003ccode\u003e1482c9c\u003c/code\u003e\u003c/a\u003e feat: add prompt cache back and setup environment tests (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3ebe56bd56c16616945e7bf9d6860c2c42f1a782\"\u003e\u003ccode\u003e3ebe56b\u003c/code\u003e\u003c/a\u003e release(js): bump to 0.4.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2259\"\u003e#2259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8b87f144ef5d2c6a5b3e9bf3f86ba49ca571f198\"\u003e\u003ccode\u003e8b87f14\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/43335d5ac9eda253671b0300e38b248e35882f30\"\u003e\u003ccode\u003e43335d5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: add js prompt caching\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ae71b5e7cdc44a8868b8d4de8696bd6b3c70f1ac\"\u003e\u003ccode\u003eae71b5e\u003c/code\u003e\u003c/a\u003e chore(js): bump JS to 0.4.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2253\"\u003e#2253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/9fd842cf020d4825a34ce4bf6aa7d678e6813e34\"\u003e\u003ccode\u003e9fd842c\u003c/code\u003e\u003c/a\u003e bump(python): 0.5.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2256\"\u003e#2256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8fd1283fcf7d0f284f36287ac9975b2ca8661f9a\"\u003e\u003ccode\u003e8fd1283\u003c/code\u003e\u003c/a\u003e fix(claude): correctly parse llm and tool inputs in claude agent sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/2903578ef415dd785b95dc9cce95c1ba2f8f4f23\"\u003e\u003ccode\u003e2903578\u003c/code\u003e\u003c/a\u003e feat: add js prompt caching (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2251\"\u003e#2251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3f1d68058251de9e4204c7b9d5c65729dce401eb\"\u003e\u003ccode\u003e3f1d680\u003c/code\u003e\u003c/a\u003e feat: add prompt caching to python sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2246\"\u003e#2246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.12...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.49 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.49...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://...\n\n_Description has been truncated_","html_url":"https://github.com/stvn101/n8n/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/stvn101%2Fn8n/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"0.5.25","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-23T03:59:59.000Z","version_change":"0.5.25 → 0.7.2","issue":{"uuid":"4506755527","node_id":"PR_kwDOQR8Hk87ejRCl","number":80,"state":"open","title":"chore(deps)(deps): bump the backend-minor-patch group across 1 directory with 34 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T03:59:59.000Z","updated_at":"2026-05-23T04:00:00.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"backend-minor-patch","update_count":34,"packages":[{"name":"@ai-sdk/langchain","old_version":"2.0.174","new_version":"2.0.197","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"3.0.53","new_version":"3.0.65","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/react","old_version":"3.0.170","new_version":"3.0.193","repository_url":"https://github.com/vercel/ai"},{"name":"@anthropic-ai/sdk","old_version":"0.92.0","new_version":"0.98.0","repository_url":"https://github.com/anthropics/anthropic-sdk-typescript"},{"name":"@aws-sdk/client-s3","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@elevenlabs/elevenlabs-js","old_version":"2.25.1","new_version":"2.49.1","repository_url":"https://github.com/elevenlabs/elevenlabs-js"},{"name":"@fal-ai/client","old_version":"1.7.0","new_version":"1.10.1","repository_url":"https://github.com/fal-ai/fal-js"},{"name":"@langchain/langgraph","old_version":"1.2.9","new_version":"1.3.2","repository_url":"https://github.com/langchain-ai/langgraphjs"},{"name":"@langchain/openai","old_version":"1.4.4","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@mozilla/readability","old_version":"0.5.0","new_version":"0.6.0","repository_url":"https://github.com/mozilla/readability"},{"name":"@opentelemetry/auto-instrumentations-node","old_version":"0.74.0","new_version":"0.76.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js-contrib"},{"name":"@opentelemetry/exporter-trace-otlp-http","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/sdk-node","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@sentry/node","old_version":"10.51.0","new_version":"10.53.1","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"ai","old_version":"6.0.168","new_version":"6.0.191","repository_url":"https://github.com/vercel/ai"},{"name":"bcryptjs","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/dcodeIO/bcrypt.js"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.77.1","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"cors","old_version":"2.8.5","new_version":"2.8.6","repository_url":"https://github.com/expressjs/cors"},{"name":"docx","old_version":"9.5.1","new_version":"9.6.1","repository_url":"https://github.com/dolanmiu/docx"},{"name":"docxtemplater","old_version":"3.67.1","new_version":"3.68.7","repository_url":"https://github.com/open-xml-templating/docxtemplater"},{"name":"express-session","old_version":"1.18.2","new_version":"1.19.0","repository_url":"https://github.com/expressjs/session"},{"name":"express-validator","old_version":"7.3.0","new_version":"7.3.2","repository_url":"https://github.com/express-validator/express-validator"},{"name":"fast-xml-parser","old_version":"5.7.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"google-auth-library","old_version":"10.5.0","new_version":"10.6.2","repository_url":"https://github.com/googleapis/google-cloud-node-core"},{"name":"jsonwebtoken","old_version":"9.0.2","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"langchain","old_version":"1.3.4","new_version":"1.4.2","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langsmith","old_version":"0.5.25","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"pdfkit","old_version":"0.17.2","new_version":"0.18.0","repository_url":"https://github.com/foliojs/pdfkit"},{"name":"playwright","old_version":"1.56.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"sharp","old_version":"0.34.4","new_version":"0.34.5","repository_url":"https://github.com/lovell/sharp"},{"name":"user-agents","old_version":"2.1.42","new_version":"2.1.68","repository_url":"https://github.com/intoli/user-agents"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"nodemon","old_version":"3.1.10","new_version":"3.1.14","repository_url":"https://github.com/remy/nodemon"}],"path":null,"ecosystem":"npm"},"body":"Bumps the backend-minor-patch group with 34 updates in the /backend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@ai-sdk/langchain](https://github.com/vercel/ai/tree/HEAD/packages/langchain) | `2.0.174` | `2.0.197` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.53` | `3.0.65` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.170` | `3.0.193` |\n| [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.92.0` | `0.98.0` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1050.0` | `3.1053.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1050.0` | `3.1053.0` |\n| [@elevenlabs/elevenlabs-js](https://github.com/elevenlabs/elevenlabs-js) | `2.25.1` | `2.49.1` |\n| [@fal-ai/client](https://github.com/fal-ai/fal-js/tree/HEAD/libs/client) | `1.7.0` | `1.10.1` |\n| [@langchain/langgraph](https://github.com/langchain-ai/langgraphjs/tree/HEAD/libs/langgraph-core) | `1.2.9` | `1.3.2` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.4.4` | `1.4.7` |\n| [@mozilla/readability](https://github.com/mozilla/readability) | `0.5.0` | `0.6.0` |\n| [@opentelemetry/auto-instrumentations-node](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/auto-instrumentations-node) | `0.74.0` | `0.76.0` |\n| [@opentelemetry/exporter-trace-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.51.0` | `10.53.1` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.168` | `6.0.191` |\n| [bcryptjs](https://github.com/dcodeIO/bcrypt.js) | `3.0.2` | `3.0.3` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.77.1` |\n| [cors](https://github.com/expressjs/cors) | `2.8.5` | `2.8.6` |\n| [docx](https://github.com/dolanmiu/docx) | `9.5.1` | `9.6.1` |\n| [docxtemplater](https://github.com/open-xml-templating/docxtemplater) | `3.67.1` | `3.68.7` |\n| [express-session](https://github.com/expressjs/session) | `1.18.2` | `1.19.0` |\n| [express-validator](https://github.com/express-validator/express-validator) | `7.3.0` | `7.3.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.7.3` | `5.8.0` |\n| [google-auth-library](https://github.com/googleapis/google-cloud-node-core/tree/HEAD/packages/google-auth-library-nodejs) | `10.5.0` | `10.6.2` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `9.0.2` | `9.0.3` |\n| [langchain](https://github.com/langchain-ai/langchainjs) | `1.3.4` | `1.4.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.5.25` | `0.7.2` |\n| [pdfkit](https://github.com/foliojs/pdfkit) | `0.17.2` | `0.18.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.56.1` | `1.60.0` |\n| [sharp](https://github.com/lovell/sharp) | `0.34.4` | `0.34.5` |\n| [user-agents](https://github.com/intoli/user-agents) | `2.1.42` | `2.1.68` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n| [nodemon](https://github.com/remy/nodemon) | `3.1.10` | `3.1.14` |\n\n\nUpdates `@ai-sdk/langchain` from 2.0.174 to 2.0.197\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/langchain's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/langchain@2.0.197/packages/langchain/CHANGELOG.md\"\u003e@​ai-sdk/langchain's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/langchain@2.0.197/packages/langchain\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/openai` from 3.0.53 to 3.0.65\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md\"\u003e@​ai-sdk/openai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.64\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.63\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [f591416]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.27\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.62\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e65edcca: feat: add allowedTools provider option for OpenAI Responses\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.61\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb93f9b4: feat(provider/openai): forward imageDetail providerOptions on tool-result image content\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.60\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e6dcd8e6: feat(openai): add GPT-5.5 chat model IDs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.59\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.58\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2370948: feat(openai): preserve \u003ccode\u003enamespace\u003c/code\u003e on function_call output items\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.57\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/eb523789b342aa21742c0a06f531604782820aff\"\u003e\u003ccode\u003eeb52378\u003c/code\u003e\u003c/a\u003e Backport: fix(openai): skip passing reasoning items when using previous respo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b7ed8bdac18d2e71b4c392f08c8d8f03204ca8f4\"\u003e\u003ccode\u003eb7ed8bd\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add opt-in pass-through for unsupported file media ty...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e3ccdb5987c07459ffd9be56088c5ac9d142fba2\"\u003e\u003ccode\u003ee3ccdb5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15094\"\u003e#15094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bf9de314a7e747019d73dedad7c840da25cc94d5\"\u003e\u003ccode\u003ebf9de31\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15046\"\u003e#15046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/65edcca7edb360ea6c3fa703ff5662c893e9ec0b\"\u003e\u003ccode\u003e65edcca\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add allowedTools provider option for Responses (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15044\"\u003e#15044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/ee37690cc8bcf97710ba391dde4fdfca3c1e1405\"\u003e\u003ccode\u003eee37690\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15020\"\u003e#15020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b93f9b4f806c59fce982c42d4dfa7d19f4a1f928\"\u003e\u003ccode\u003eb93f9b4\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): forward imageDetail providerOptions on tool-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c7061114178e8bf86cc9ac604ebbbe0e7866c7eb\"\u003e\u003ccode\u003ec706111\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/14971\"\u003e#14971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 3.0.170 to 3.0.193\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.193/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.189\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.188\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.193/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@anthropic-ai/sdk` from 0.92.0 to 0.98.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/releases\"\u003e@​anthropic-ai/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esdk: v0.98.0\u003c/h2\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.1\u003c/h2\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.0\u003c/h2\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.96.0\u003c/h2\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/sdk's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/32ce8c0d08074532deb3a3be9dc128cd7924092e\"\u003e\u003ccode\u003e32ce8c0\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1873a96304c3212b54de9f7b0db9a1df18583b1c\"\u003e\u003ccode\u003e1873a96\u003c/code\u003e\u003c/a\u003e feat(api): Add support for thinking-token-count beta for estimated tokens in ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/ac9ece3c566b4488dcf73849c17b656ec2d7d17d\"\u003e\u003ccode\u003eac9ece3\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1987147935325ea6b1e0f96cea6851c9d407e6c2\"\u003e\u003ccode\u003e1987147\u003c/code\u003e\u003c/a\u003e fix(runner): skip tool calls SessionToolRunner does not own\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/409ff0e5027422a5ede84280cb851c1de108c246\"\u003e\u003ccode\u003e409ff0e\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/1052\"\u003e#1052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/a53f60d59ca904f3e79296586642aac3ce68ae02\"\u003e\u003ccode\u003ea53f60d\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/d1b8d04617c5167f1296520b4c9b1156d0482159\"\u003e\u003ccode\u003ed1b8d04\u003c/code\u003e\u003c/a\u003e feat(api): Add support for cache diagnostics beta\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/8e43bf81bc7029411e5a3b81b485d8dda364b376\"\u003e\u003ccode\u003e8e43bf8\u003c/code\u003e\u003c/a\u003e chore(api): spec updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/697e4d592bb3a1258788bd3064ac4dc35671e896\"\u003e\u003ccode\u003e697e4d5\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cd5801cbf6cc4db5f6eee155643294feda0ba588\"\u003e\u003ccode\u003ecd5801c\u003c/code\u003e\u003c/a\u003e feat(api): Add BetaManagedAgentsSearchResultBlock types\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.92.0...sdk-v0.98.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/s3-request-presigner` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/s3-request-presigner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md\"\u003e@​aws-sdk/s3-request-presigner's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/packages/s3-request-presigner\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elevenlabs/elevenlabs-js` from 2.25.1 to 2.49.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/releases\"\u003e@​elevenlabs/elevenlabs-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.49.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Speech Engine] Add full response to Speech Engine API calls by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/396\"\u003eelevenlabs/elevenlabs-js#396\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.49.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new environment for publish action by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/385\"\u003eelevenlabs/elevenlabs-js#385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ws from 8.18.3 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/388\"\u003eelevenlabs/elevenlabs-js#388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/389\"\u003eelevenlabs/elevenlabs-js#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/390\"\u003eelevenlabs/elevenlabs-js#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/391\"\u003eelevenlabs/elevenlabs-js#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSDK regeneration by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/393\"\u003eelevenlabs/elevenlabs-js#393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.48.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd environment configuration to conversation initiation data and events by \u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 18, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/384\"\u003eelevenlabs/elevenlabs-js#384\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.47.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 12, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/381\"\u003eelevenlabs/elevenlabs-js#381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpeech Engine SDK by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/365\"\u003eelevenlabs/elevenlabs-js#365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.46.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 7, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/380\"\u003eelevenlabs/elevenlabs-js#380\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.45.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd keyterms and noVerbatim to Scribe realtime API by \u003ca href=\"https://github.com/kraenhansen\"\u003e\u003ccode\u003e@​kraenhansen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/376\"\u003eelevenlabs/elevenlabs-js#376\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/de61f83d12c24caaeddbe5127e980d623a146219\"\u003e\u003ccode\u003ede61f83\u003c/code\u003e\u003c/a\u003e [Speech Engine] Add full response to Speech Engine API calls (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/396\"\u003e#396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/ce5e816b02d6ee652e144660cde533225a31d56f\"\u003e\u003ccode\u003ece5e816\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/393\"\u003e#393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/c316672d7fc9d3bf902b633226969929adad0dca\"\u003e\u003ccode\u003ec316672\u003c/code\u003e\u003c/a\u003e Bump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/391\"\u003e#391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/90a0b2f7bafec7c4092517cb5baf1a13a202ab0a\"\u003e\u003ccode\u003e90a0b2f\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/390\"\u003e#390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d94bcf977baf7b09d1cc0fb3370d12b2f24b4ecd\"\u003e\u003ccode\u003ed94bcf9\u003c/code\u003e\u003c/a\u003e Bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/4ead10594456ef36f6488006c8fde76d3b027c70\"\u003e\u003ccode\u003e4ead105\u003c/code\u003e\u003c/a\u003e Bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/388\"\u003e#388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d76478e7a1691c17dee4ada1383afc87a1b7a38a\"\u003e\u003ccode\u003ed76478e\u003c/code\u003e\u003c/a\u003e Bump ws from 8.18.3 to 8.20.1 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/387\"\u003e#387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/6c791ba134eb9231187faecf04b038121150c697\"\u003e\u003ccode\u003e6c791ba\u003c/code\u003e\u003c/a\u003e Add new environment for publish action (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/385\"\u003e#385\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/f1b560be66c2c5311362ee7a01a8de009e92ccb7\"\u003e\u003ccode\u003ef1b560b\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/384\"\u003e#384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/082f76b59c4a365e967210f2b89ebafba99c90b1\"\u003e\u003ccode\u003e082f76b\u003c/code\u003e\u003c/a\u003e Add environment configuration to conversation initiation data and events (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.25.1...v2.49.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fal-ai/client` from 1.7.0 to 1.10.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fal-ai/fal-js/releases\"\u003e@​fal-ai/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eclient-v1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(client): retry Node-level transport errors in subscribe/dispatch by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/211\"\u003efal-ai/fal-js#211\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(client): allow proxy middleware in non-browser runtimes by \u003ca href=\"https://github.com/drochetti\"\u003e\u003ccode\u003e@​drochetti\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/209\"\u003efal-ai/fal-js#209\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecleanup realtime state machine and support live references by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/202\"\u003efal-ai/fal-js#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: supply chain security, enforce minimum age for node dependencies by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update endpoint types by \u003ca href=\"https://github.com/aykutkardas\"\u003e\u003ccode\u003e@​aykutkardas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/192\"\u003efal-ai/fal-js#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(client): expose lifecycle ACL options in storage settings by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/208\"\u003efal-ai/fal-js#208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: pin GitHub Actions to full commit SHAs by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/207\"\u003efal-ai/fal-js#207\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(realtime): refresh tokens in background without dropping the WebSocket connection by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/200\"\u003efal-ai/fal-js#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/442a7571dfa5ea5cf9d2a1192113f207f9bd718c\"\u003e\u003ccode\u003e442a757\u003c/code\u003e\u003c/a\u003e fix(client): retry Node-level transport errors in subscribe/dispatch (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/211\"\u003e#211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f12065b6204df92b5b46db11860a7dd3753bd879\"\u003e\u003ccode\u003ef12065b\u003c/code\u003e\u003c/a\u003e feat(client): allow proxy middleware in non-browser runtimes (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/209\"\u003e#209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f22b69ec10646df097d5f7c89ae2d7372c0518ed\"\u003e\u003ccode\u003ef22b69e\u003c/code\u003e\u003c/a\u003e chore(client): release 1.9.6 and update reference docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/153ed5697302866752d20c205a85030d929ed48c\"\u003e\u003ccode\u003e153ed56\u003c/code\u003e\u003c/a\u003e feat(client): expose lifecycle ACL options in storage settings (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/208\"\u003e#208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/9830f25d025218a0d5eb684ab5193cad58d95955\"\u003e\u003ccode\u003e9830f25\u003c/code\u003e\u003c/a\u003e chore: update endpoint types (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/192\"\u003e#192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/05d73020ecb04dfc23b6a630794f679e4d43ea86\"\u003e\u003ccode\u003e05d7302\u003c/code\u003e\u003c/a\u003e cleanup realtime state machine and support live references (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/5a97ffa4d4c769501f2bec5f504c6d117d52ad39\"\u003e\u003ccode\u003e5a97ffa\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background and clear on disconnect (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/b8029266fa1db9e1d9d9bdcddbe57deb21bc89e4\"\u003e\u003ccode\u003eb802926\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background without dropping the WebSocket co...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/ea9fc05f35a6919a6a450a9d86f18a3336d73ee0\"\u003e\u003ccode\u003eea9fc05\u003c/code\u003e\u003c/a\u003e fix: use rest.fal.ai (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/6603299cd3f1424b4cfd7bcc6725fe7dae9b80c9\"\u003e\u003ccode\u003e6603299\u003c/code\u003e\u003c/a\u003e feat(client): pass normalized app+path to TokenProvider (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fal-ai/fal-js/commits/client-v1.10.1/libs/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fal-ai/client\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/langgraph` from 1.2.9 to 1.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langgraphjs/releases\"\u003e@​langchain/langgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/langgraph\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langgraphjs/pull/2415\"\u003e#2415\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langgraphjs/commit/9d3c9dd3182059f9eca9fd9b14d8f7466b4338c4\"\u003e\u003ccode\u003e9d3c9dd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - Move \u003ccode\u003e@langchain/core\u003c/code\u003e from a runtime dependency back to a required peer dependency so installing the SDK alone no longer pulls in \u003ccode\u003e@langchain/core\u003c/code\u003e (and \u003ccode\u003ejs-tiktoken\u003c/code\u003e, etc.). Consumers that use streaming or message coercion must install \u003ccode\u003e@langchain/core\u003c/code\u003e explicitly or via \u003ccode\u003e@langchain/lan...\n\n_Description has been truncated_","html_url":"https://github.com/SiraGPT-ORg/siraGPT/pull/80","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiraGPT-ORg%2FsiraGPT/issues/80","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/80/packages"}},{"old_version":"0.5.25","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-23T02:39:53.000Z","version_change":"0.5.25 → 0.7.2","issue":{"uuid":"4506579131","node_id":"PR_kwDOQR8Hk87eivWN","number":79,"state":"open","title":"chore(deps)(deps): bump the backend-minor-patch group across 1 directory with 33 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T02:39:53.000Z","updated_at":"2026-05-23T02:39:54.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"backend-minor-patch","update_count":33,"packages":[{"name":"@ai-sdk/langchain","old_version":"2.0.174","new_version":"2.0.197","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"3.0.53","new_version":"3.0.65","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/react","old_version":"3.0.170","new_version":"3.0.193","repository_url":"https://github.com/vercel/ai"},{"name":"@anthropic-ai/sdk","old_version":"0.92.0","new_version":"0.98.0","repository_url":"https://github.com/anthropics/anthropic-sdk-typescript"},{"name":"@aws-sdk/client-s3","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1050.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@elevenlabs/elevenlabs-js","old_version":"2.25.1","new_version":"2.49.1","repository_url":"https://github.com/elevenlabs/elevenlabs-js"},{"name":"@fal-ai/client","old_version":"1.7.0","new_version":"1.10.1","repository_url":"https://github.com/fal-ai/fal-js"},{"name":"@langchain/langgraph","old_version":"1.2.9","new_version":"1.3.2","repository_url":"https://github.com/langchain-ai/langgraphjs"},{"name":"@langchain/openai","old_version":"1.4.4","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@opentelemetry/auto-instrumentations-node","old_version":"0.74.0","new_version":"0.76.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js-contrib"},{"name":"@opentelemetry/exporter-trace-otlp-http","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/sdk-node","old_version":"0.216.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@sentry/node","old_version":"10.51.0","new_version":"10.53.1","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"ai","old_version":"6.0.168","new_version":"6.0.191","repository_url":"https://github.com/vercel/ai"},{"name":"bcryptjs","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/dcodeIO/bcrypt.js"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.77.1","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"cors","old_version":"2.8.5","new_version":"2.8.6","repository_url":"https://github.com/expressjs/cors"},{"name":"docx","old_version":"9.5.1","new_version":"9.6.1","repository_url":"https://github.com/dolanmiu/docx"},{"name":"docxtemplater","old_version":"3.67.1","new_version":"3.68.7","repository_url":"https://github.com/open-xml-templating/docxtemplater"},{"name":"express-session","old_version":"1.18.2","new_version":"1.19.0","repository_url":"https://github.com/expressjs/session"},{"name":"express-validator","old_version":"7.3.0","new_version":"7.3.2","repository_url":"https://github.com/express-validator/express-validator"},{"name":"fast-xml-parser","old_version":"5.7.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"google-auth-library","old_version":"10.5.0","new_version":"10.6.2","repository_url":"https://github.com/googleapis/google-cloud-node-core"},{"name":"jsonwebtoken","old_version":"9.0.2","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"langchain","old_version":"1.3.4","new_version":"1.4.2","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"langsmith","old_version":"0.5.25","new_version":"0.7.2","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"pdfkit","old_version":"0.17.2","new_version":"0.18.0","repository_url":"https://github.com/foliojs/pdfkit"},{"name":"playwright","old_version":"1.56.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"sharp","old_version":"0.34.4","new_version":"0.34.5","repository_url":"https://github.com/lovell/sharp"},{"name":"user-agents","old_version":"2.1.42","new_version":"2.1.68","repository_url":"https://github.com/intoli/user-agents"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"nodemon","old_version":"3.1.10","new_version":"3.1.14","repository_url":"https://github.com/remy/nodemon"}],"path":null,"ecosystem":"npm"},"body":"Bumps the backend-minor-patch group with 33 updates in the /backend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@ai-sdk/langchain](https://github.com/vercel/ai/tree/HEAD/packages/langchain) | `2.0.174` | `2.0.197` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.53` | `3.0.65` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.170` | `3.0.193` |\n| [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.92.0` | `0.98.0` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1050.0` | `3.1053.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1050.0` | `3.1053.0` |\n| [@elevenlabs/elevenlabs-js](https://github.com/elevenlabs/elevenlabs-js) | `2.25.1` | `2.49.1` |\n| [@fal-ai/client](https://github.com/fal-ai/fal-js/tree/HEAD/libs/client) | `1.7.0` | `1.10.1` |\n| [@langchain/langgraph](https://github.com/langchain-ai/langgraphjs/tree/HEAD/libs/langgraph-core) | `1.2.9` | `1.3.2` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.4.4` | `1.4.7` |\n| [@opentelemetry/auto-instrumentations-node](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/auto-instrumentations-node) | `0.74.0` | `0.76.0` |\n| [@opentelemetry/exporter-trace-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` |\n| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.51.0` | `10.53.1` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.168` | `6.0.191` |\n| [bcryptjs](https://github.com/dcodeIO/bcrypt.js) | `3.0.2` | `3.0.3` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.77.1` |\n| [cors](https://github.com/expressjs/cors) | `2.8.5` | `2.8.6` |\n| [docx](https://github.com/dolanmiu/docx) | `9.5.1` | `9.6.1` |\n| [docxtemplater](https://github.com/open-xml-templating/docxtemplater) | `3.67.1` | `3.68.7` |\n| [express-session](https://github.com/expressjs/session) | `1.18.2` | `1.19.0` |\n| [express-validator](https://github.com/express-validator/express-validator) | `7.3.0` | `7.3.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.7.3` | `5.8.0` |\n| [google-auth-library](https://github.com/googleapis/google-cloud-node-core/tree/HEAD/packages/google-auth-library-nodejs) | `10.5.0` | `10.6.2` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `9.0.2` | `9.0.3` |\n| [langchain](https://github.com/langchain-ai/langchainjs) | `1.3.4` | `1.4.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.5.25` | `0.7.2` |\n| [pdfkit](https://github.com/foliojs/pdfkit) | `0.17.2` | `0.18.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.56.1` | `1.60.0` |\n| [sharp](https://github.com/lovell/sharp) | `0.34.4` | `0.34.5` |\n| [user-agents](https://github.com/intoli/user-agents) | `2.1.42` | `2.1.68` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n| [nodemon](https://github.com/remy/nodemon) | `3.1.10` | `3.1.14` |\n\n\nUpdates `@ai-sdk/langchain` from 2.0.174 to 2.0.197\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/langchain's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/langchain@2.0.197/packages/langchain/CHANGELOG.md\"\u003e@​ai-sdk/langchain's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.197\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.196\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.195\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.194\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/langchain/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/langchain@2.0.197/packages/langchain\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/langchain\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/openai` from 3.0.53 to 3.0.65\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md\"\u003e@​ai-sdk/openai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.64\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.63\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [f591416]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.27\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.62\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e65edcca: feat: add allowedTools provider option for OpenAI Responses\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.61\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb93f9b4: feat(provider/openai): forward imageDetail providerOptions on tool-result image content\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.60\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e6dcd8e6: feat(openai): add GPT-5.5 chat model IDs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.59\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.58\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2370948: feat(openai): preserve \u003ccode\u003enamespace\u003c/code\u003e on function_call output items\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.57\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/eb523789b342aa21742c0a06f531604782820aff\"\u003e\u003ccode\u003eeb52378\u003c/code\u003e\u003c/a\u003e Backport: fix(openai): skip passing reasoning items when using previous respo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b7ed8bdac18d2e71b4c392f08c8d8f03204ca8f4\"\u003e\u003ccode\u003eb7ed8bd\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add opt-in pass-through for unsupported file media ty...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e3ccdb5987c07459ffd9be56088c5ac9d142fba2\"\u003e\u003ccode\u003ee3ccdb5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15094\"\u003e#15094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bf9de314a7e747019d73dedad7c840da25cc94d5\"\u003e\u003ccode\u003ebf9de31\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15046\"\u003e#15046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/65edcca7edb360ea6c3fa703ff5662c893e9ec0b\"\u003e\u003ccode\u003e65edcca\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add allowedTools provider option for Responses (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15044\"\u003e#15044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/ee37690cc8bcf97710ba391dde4fdfca3c1e1405\"\u003e\u003ccode\u003eee37690\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15020\"\u003e#15020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b93f9b4f806c59fce982c42d4dfa7d19f4a1f928\"\u003e\u003ccode\u003eb93f9b4\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): forward imageDetail providerOptions on tool-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c7061114178e8bf86cc9ac604ebbbe0e7866c7eb\"\u003e\u003ccode\u003ec706111\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/14971\"\u003e#14971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 3.0.170 to 3.0.193\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.193/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.189\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.188\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.193/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@anthropic-ai/sdk` from 0.92.0 to 0.98.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/releases\"\u003e@​anthropic-ai/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esdk: v0.98.0\u003c/h2\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.1\u003c/h2\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.0\u003c/h2\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.96.0\u003c/h2\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/sdk's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.98.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.1...sdk-v0.98.0\"\u003esdk-v0.97.1...sdk-v0.98.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/0528d47b0a390ee7f88d72f85ffe6079ae1c6c00\"\u003e0528d47\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/32ce8c0d08074532deb3a3be9dc128cd7924092e\"\u003e\u003ccode\u003e32ce8c0\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1873a96304c3212b54de9f7b0db9a1df18583b1c\"\u003e\u003ccode\u003e1873a96\u003c/code\u003e\u003c/a\u003e feat(api): Add support for thinking-token-count beta for estimated tokens in ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/ac9ece3c566b4488dcf73849c17b656ec2d7d17d\"\u003e\u003ccode\u003eac9ece3\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1987147935325ea6b1e0f96cea6851c9d407e6c2\"\u003e\u003ccode\u003e1987147\u003c/code\u003e\u003c/a\u003e fix(runner): skip tool calls SessionToolRunner does not own\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/409ff0e5027422a5ede84280cb851c1de108c246\"\u003e\u003ccode\u003e409ff0e\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/1052\"\u003e#1052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/a53f60d59ca904f3e79296586642aac3ce68ae02\"\u003e\u003ccode\u003ea53f60d\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/d1b8d04617c5167f1296520b4c9b1156d0482159\"\u003e\u003ccode\u003ed1b8d04\u003c/code\u003e\u003c/a\u003e feat(api): Add support for cache diagnostics beta\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/8e43bf81bc7029411e5a3b81b485d8dda364b376\"\u003e\u003ccode\u003e8e43bf8\u003c/code\u003e\u003c/a\u003e chore(api): spec updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/697e4d592bb3a1258788bd3064ac4dc35671e896\"\u003e\u003ccode\u003e697e4d5\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cd5801cbf6cc4db5f6eee155643294feda0ba588\"\u003e\u003ccode\u003ecd5801c\u003c/code\u003e\u003c/a\u003e feat(api): Add BetaManagedAgentsSearchResultBlock types\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.92.0...sdk-v0.98.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/s3-request-presigner` from 3.1050.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/s3-request-presigner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/69e44c0d790426ebf70e3b16b7b2a32ea94c9207\"\u003e69e44c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-panorama:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d227732b924cfcefad956561e9d000226b6472a1\"\u003ed227732b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-license-manager-user-subscriptions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7fd5d2020b79ef05efcf6857ce1d3b81ef51d781\"\u003e7fd5d202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-partnercentral-account:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ad88edbb4a8ef4029b1d7897f7221c50da491865\"\u003ead88edbb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-schemas:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d8835cfc2971415619c70bd9d298fd2498d8d4b8\"\u003ed8835cfc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-pi:\u003c/strong\u003e  Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b09c19bf6e70f660073b94da11abf5ea4e6ea882\"\u003eb09c19bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-outposts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6e7917a6e550d5190564edefc4f65ea392d864ab\"\u003e6e7917a6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-frauddetector:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9c130d58eb968baaaf07f9f45eae3f01ae7d4d59\"\u003e9c130d58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-network-firewall:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/963a1286bf936d17d6e0df5aad2e1ffb602e469e\"\u003e963a1286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-geo-places:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/965ac97a33901ae783e8ea29c56b80380951d211\"\u003e965ac97a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sesv2:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6f1bd2e812a1aef1c515999880d5de6614562d45\"\u003e6f1bd2e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agent-runtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7ac37e3af8fc13de2a6e5127d417f8a7ecb621a5\"\u003e7ac37e3a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rbin:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5e73fd45b4407462c931a4f82a025d1c2d1d93a9\"\u003e5e73fd45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-codestar-notifications:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d95ca14cfe7e22f165246649e0979be415718077\"\u003ed95ca14c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-application-signals:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/38a20bfa5b7ebd899bbb4382366e6a06e27dc286\"\u003e38a20bfa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bc91aa621fed3c15fecfe07660458aafa59242df\"\u003ebc91aa62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-marketplace-discovery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45132960757e60a48c2eef3b36350c282b32f727\"\u003e45132960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-notificationscontacts:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e9ca97abed6a82e58c6ae305eeda869b13c5b008\"\u003ee9ca97ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md\"\u003e@​aws-sdk/s3-request-presigner's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1052.0...v3.1053.0\"\u003e3.1053.0\u003c/a\u003e (2026-05-22)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1051.0...v3.1052.0\"\u003e3.1052.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1050.0...v3.1051.0\"\u003e3.1051.0\u003c/a\u003e (2026-05-20)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ef69ea687c15e9aae0568660ba3bcdd5174fbec6\"\u003e\u003ccode\u003eef69ea6\u003c/code\u003e\u003c/a\u003e Publish v3.1053.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/443d6beaebc2b72a5b37816657954f4bd2cf68a5\"\u003e\u003ccode\u003e443d6be\u003c/code\u003e\u003c/a\u003e Publish v3.1052.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0d6242dc938f36ac77e337d39f577e8727f87926\"\u003e\u003ccode\u003e0d6242d\u003c/code\u003e\u003c/a\u003e chore(codegen): update \u003ca href=\"https://github.com/smithy\"\u003e\u003ccode\u003e@​smithy\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8038\"\u003e#8038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b825c136cb984e7d0a4cda429201175c95ba033d\"\u003e\u003ccode\u003eb825c13\u003c/code\u003e\u003c/a\u003e Publish v3.1051.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/packages/s3-request-presigner\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elevenlabs/elevenlabs-js` from 2.25.1 to 2.49.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/releases\"\u003e@​elevenlabs/elevenlabs-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.49.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Speech Engine] Add full response to Speech Engine API calls by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/396\"\u003eelevenlabs/elevenlabs-js#396\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.49.0...v2.49.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.49.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new environment for publish action by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/385\"\u003eelevenlabs/elevenlabs-js#385\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ws from 8.18.3 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/388\"\u003eelevenlabs/elevenlabs-js#388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/389\"\u003eelevenlabs/elevenlabs-js#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/390\"\u003eelevenlabs/elevenlabs-js#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/391\"\u003eelevenlabs/elevenlabs-js#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSDK regeneration by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/393\"\u003eelevenlabs/elevenlabs-js#393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/387\"\u003eelevenlabs/elevenlabs-js#387\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.48.0...v2.49.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.48.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd environment configuration to conversation initiation data and events by \u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 18, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/384\"\u003eelevenlabs/elevenlabs-js#384\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pmarkert\"\u003e\u003ccode\u003e@​pmarkert\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/382\"\u003eelevenlabs/elevenlabs-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.47.0...v2.48.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.47.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 12, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/381\"\u003eelevenlabs/elevenlabs-js#381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpeech Engine SDK by \u003ca href=\"https://github.com/PaulAsjes\"\u003e\u003ccode\u003e@​PaulAsjes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/365\"\u003eelevenlabs/elevenlabs-js#365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.46.0...v2.47.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.46.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e:herb: Fern Regeneration -- May 7, 2026 by \u003ca href=\"https://github.com/fern-api\"\u003e\u003ccode\u003e@​fern-api\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/380\"\u003eelevenlabs/elevenlabs-js#380\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\"\u003ehttps://github.com/elevenlabs/elevenlabs-js/compare/v2.45.0...v2.46.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.45.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd keyterms and noVerbatim to Scribe realtime API by \u003ca href=\"https://github.com/kraenhansen\"\u003e\u003ccode\u003e@​kraenhansen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/pull/376\"\u003eelevenlabs/elevenlabs-js#376\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/de61f83d12c24caaeddbe5127e980d623a146219\"\u003e\u003ccode\u003ede61f83\u003c/code\u003e\u003c/a\u003e [Speech Engine] Add full response to Speech Engine API calls (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/396\"\u003e#396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/ce5e816b02d6ee652e144660cde533225a31d56f\"\u003e\u003ccode\u003ece5e816\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/393\"\u003e#393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/c316672d7fc9d3bf902b633226969929adad0dca\"\u003e\u003ccode\u003ec316672\u003c/code\u003e\u003c/a\u003e Bump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/391\"\u003e#391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/90a0b2f7bafec7c4092517cb5baf1a13a202ab0a\"\u003e\u003ccode\u003e90a0b2f\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/390\"\u003e#390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d94bcf977baf7b09d1cc0fb3370d12b2f24b4ecd\"\u003e\u003ccode\u003ed94bcf9\u003c/code\u003e\u003c/a\u003e Bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/4ead10594456ef36f6488006c8fde76d3b027c70\"\u003e\u003ccode\u003e4ead105\u003c/code\u003e\u003c/a\u003e Bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/388\"\u003e#388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/d76478e7a1691c17dee4ada1383afc87a1b7a38a\"\u003e\u003ccode\u003ed76478e\u003c/code\u003e\u003c/a\u003e Bump ws from 8.18.3 to 8.20.1 (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/387\"\u003e#387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/6c791ba134eb9231187faecf04b038121150c697\"\u003e\u003ccode\u003e6c791ba\u003c/code\u003e\u003c/a\u003e Add new environment for publish action (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/385\"\u003e#385\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/f1b560be66c2c5311362ee7a01a8de009e92ccb7\"\u003e\u003ccode\u003ef1b560b\u003c/code\u003e\u003c/a\u003e SDK regeneration (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/384\"\u003e#384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/commit/082f76b59c4a365e967210f2b89ebafba99c90b1\"\u003e\u003ccode\u003e082f76b\u003c/code\u003e\u003c/a\u003e Add environment configuration to conversation initiation data and events (\u003ca href=\"https://redirect.github.com/elevenlabs/elevenlabs-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elevenlabs/elevenlabs-js/compare/v2.25.1...v2.49.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fal-ai/client` from 1.7.0 to 1.10.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fal-ai/fal-js/releases\"\u003e@​fal-ai/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eclient-v1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(client): retry Node-level transport errors in subscribe/dispatch by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/211\"\u003efal-ai/fal-js#211\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.10.0...client-v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(client): allow proxy middleware in non-browser runtimes by \u003ca href=\"https://github.com/drochetti\"\u003e\u003ccode\u003e@​drochetti\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/209\"\u003efal-ai/fal-js#209\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.6...client-v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecleanup realtime state machine and support live references by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/202\"\u003efal-ai/fal-js#202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: supply chain security, enforce minimum age for node dependencies by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update endpoint types by \u003ca href=\"https://github.com/aykutkardas\"\u003e\u003ccode\u003e@​aykutkardas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/192\"\u003efal-ai/fal-js#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(client): expose lifecycle ACL options in storage settings by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/208\"\u003efal-ai/fal-js#208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: pin GitHub Actions to full commit SHAs by \u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/207\"\u003efal-ai/fal-js#207\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wennergr\"\u003e\u003ccode\u003e@​wennergr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/205\"\u003efal-ai/fal-js#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(realtime): connection closed transition expires token by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/201\"\u003efal-ai/fal-js#201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.4...client-v1.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(realtime): refresh tokens in background without dropping the WebSocket connection by \u003ca href=\"https://github.com/noahgsolomon\"\u003e\u003ccode\u003e@​noahgsolomon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/200\"\u003efal-ai/fal-js#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eclient-v1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use rest.fal.ai by \u003ca href=\"https://github.com/dazip\"\u003e\u003ccode\u003e@​dazip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fal-ai/fal-js/pull/198\"\u003efal-ai/fal-js#198\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\"\u003ehttps://github.com/fal-ai/fal-js/compare/client-v1.9.2...client-v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/442a7571dfa5ea5cf9d2a1192113f207f9bd718c\"\u003e\u003ccode\u003e442a757\u003c/code\u003e\u003c/a\u003e fix(client): retry Node-level transport errors in subscribe/dispatch (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/211\"\u003e#211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f12065b6204df92b5b46db11860a7dd3753bd879\"\u003e\u003ccode\u003ef12065b\u003c/code\u003e\u003c/a\u003e feat(client): allow proxy middleware in non-browser runtimes (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/209\"\u003e#209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/f22b69ec10646df097d5f7c89ae2d7372c0518ed\"\u003e\u003ccode\u003ef22b69e\u003c/code\u003e\u003c/a\u003e chore(client): release 1.9.6 and update reference docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/153ed5697302866752d20c205a85030d929ed48c\"\u003e\u003ccode\u003e153ed56\u003c/code\u003e\u003c/a\u003e feat(client): expose lifecycle ACL options in storage settings (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/208\"\u003e#208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/9830f25d025218a0d5eb684ab5193cad58d95955\"\u003e\u003ccode\u003e9830f25\u003c/code\u003e\u003c/a\u003e chore: update endpoint types (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/192\"\u003e#192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/05d73020ecb04dfc23b6a630794f679e4d43ea86\"\u003e\u003ccode\u003e05d7302\u003c/code\u003e\u003c/a\u003e cleanup realtime state machine and support live references (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/5a97ffa4d4c769501f2bec5f504c6d117d52ad39\"\u003e\u003ccode\u003e5a97ffa\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background and clear on disconnect (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/b8029266fa1db9e1d9d9bdcddbe57deb21bc89e4\"\u003e\u003ccode\u003eb802926\u003c/code\u003e\u003c/a\u003e fix(realtime): refresh tokens in background without dropping the WebSocket co...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/ea9fc05f35a6919a6a450a9d86f18a3336d73ee0\"\u003e\u003ccode\u003eea9fc05\u003c/code\u003e\u003c/a\u003e fix: use rest.fal.ai (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fal-ai/fal-js/commit/6603299cd3f1424b4cfd7bcc6725fe7dae9b80c9\"\u003e\u003ccode\u003e6603299\u003c/code\u003e\u003c/a\u003e feat(client): pass normalized app+path to TokenProvider (\u003ca href=\"https://github.com/fal-ai/fal-js/tree/HEAD/libs/client/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fal-ai/fal-js/commits/client-v1.10.1/libs/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fal-ai/client\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/langgraph` from 1.2.9 to 1.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langgraphjs/releases\"\u003e@​langchain/langgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/langgraph\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langgraphjs/pull/2415\"\u003e#2415\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langgraphjs/commit/9d3c9dd3182059f9eca9fd9b14d8f7466b4338c4\"\u003e\u003ccode\u003e9d3c9dd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - Move \u003ccode\u003e@langchain/core\u003c/code\u003e from a runtime dependency back to a required peer dependency so installing the SDK alone no longer pulls in \u003ccode\u003e@langchain/core\u003c/code\u003e (and \u003ccode\u003ejs-tiktoken\u003c/code\u003e, etc.). Consumers that use streaming or message coercion must install \u003ccode\u003e@langchain/core\u003c/code\u003e explicitly or via \u003ccode\u003e@langchain/langgraph\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/lang...\n\n_Description has been truncated_","html_url":"https://github.com/SiraGPT-ORg/siraGPT/pull/79","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiraGPT-ORg%2FsiraGPT/issues/79","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/79/packages"}},{"old_version":"0.3.15","new_version":"0.6.0","update_type":"minor","path":null,"pr_created_at":"2026-05-20T05:07:17.000Z","version_change":"0.3.15 → 0.6.0","issue":{"uuid":"4483327331","node_id":"PR_kwDOOd8CGM7dXcQE","number":5,"state":"closed","title":"build(deps): bump the npm_and_yarn group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-24T07:12:44.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-20T05:07:17.000Z","updated_at":"2026-05-24T07:12:46.000Z","time_to_close":353127,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":15,"packages":[{"name":"langsmith","old_version":"0.3.15","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@langchain/core","old_version":"0.3.40","new_version":"0.3.80","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"axios","old_version":"1.7.9","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"flatted","old_version":"3.3.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.2","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.5.2","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"rollup","old_version":"4.34.7","new_version":"4.60.4","repository_url":"https://github.com/rollup/rollup"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.15","repository_url":"https://github.com/isaacs/node-tar"},{"name":"vite","old_version":"6.1.0","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 14 updates in the /js directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.15` | `0.6.0` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [@langchain/core](https://github.com/langchain-ai/langchainjs) | `0.3.40` | `0.3.80` |\n| [axios](https://github.com/axios/axios) | `1.7.9` | `1.16.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.2` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.2` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `9.0.9` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.2` | `8.5.15` |\n| [rollup](https://github.com/rollup/rollup) | `4.34.7` | `4.60.4` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.15` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.1.0` | `6.4.2` |\n\n\nUpdates `langsmith` from 0.3.15 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(openai): Add use responses API to OpenAI wrapper by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2218\"\u003elangchain-ai/langsmith-sdk#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(py): Fix Python integration tests by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2219\"\u003elangchain-ai/langsmith-sdk#2219\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add invocation param tracing for OpenAI responses wrapper in JS by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2220\"\u003elangchain-ai/langsmith-sdk#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore empty string by \u003ca href=\"https://github.com/hinthornw\"\u003e\u003ccode\u003e@​hinthornw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2225\"\u003elangchain-ai/langsmith-sdk#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove duplicate patch from claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2189\"\u003elangchain-ai/langsmith-sdk#2189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Fix JS Memory Leak clean child_runs by \u003ca href=\"https://github.com/amodelaweb\"\u003e\u003ccode\u003e@​amodelaweb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2228\"\u003elangchain-ai/langsmith-sdk#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Make traced async iterators call finally on success by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2230\"\u003elangchain-ai/langsmith-sdk#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): 0.4.1 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2231\"\u003elangchain-ai/langsmith-sdk#2231\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/71b71893b45953b9f339bc62a8037469da4fc914\"\u003e\u003ccode\u003e71b7189\u003c/code\u003e\u003c/a\u003e feat(python): Bump pydantic to v2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/1482c9c3f689680e448da66e75c377a8f5bb00ae\"\u003e\u003ccode\u003e1482c9c\u003c/code\u003e\u003c/a\u003e feat: add prompt cache back and setup environment tests (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3ebe56bd56c16616945e7bf9d6860c2c42f1a782\"\u003e\u003ccode\u003e3ebe56b\u003c/code\u003e\u003c/a\u003e release(js): bump to 0.4.4 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2259\"\u003e#2259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8b87f144ef5d2c6a5b3e9bf3f86ba49ca571f198\"\u003e\u003ccode\u003e8b87f14\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/43335d5ac9eda253671b0300e38b248e35882f30\"\u003e\u003ccode\u003e43335d5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;feat: add js prompt caching\u0026quot; (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/ae71b5e7cdc44a8868b8d4de8696bd6b3c70f1ac\"\u003e\u003ccode\u003eae71b5e\u003c/code\u003e\u003c/a\u003e chore(js): bump JS to 0.4.3 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2253\"\u003e#2253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/9fd842cf020d4825a34ce4bf6aa7d678e6813e34\"\u003e\u003ccode\u003e9fd842c\u003c/code\u003e\u003c/a\u003e bump(python): 0.5.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2256\"\u003e#2256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/8fd1283fcf7d0f284f36287ac9975b2ca8661f9a\"\u003e\u003ccode\u003e8fd1283\u003c/code\u003e\u003c/a\u003e fix(claude): correctly parse llm and tool inputs in claude agent sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/2903578ef415dd785b95dc9cce95c1ba2f8f4f23\"\u003e\u003ccode\u003e2903578\u003c/code\u003e\u003c/a\u003e feat: add js prompt caching (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2251\"\u003e#2251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commit/3f1d68058251de9e4204c7b9d5c65729dce401eb\"\u003e\u003ccode\u003e3f1d680\u003c/code\u003e\u003c/a\u003e feat: add prompt caching to python sdk (\u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2246\"\u003e#2246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.3.15...v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for langsmith since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/core` from 0.3.40 to 0.3.80\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2954498b052b3ebc30b8ff37a11db1953f4ae0f0\"\u003e\u003ccode\u003e2954498\u003c/code\u003e\u003c/a\u003e chore(docs): Update llms.text redirect (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/9988\"\u003e#9988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b2f3c2354edc8e9a0386f475839b0e40a21c3cc9\"\u003e\u003ccode\u003eb2f3c23\u003c/code\u003e\u003c/a\u003e fix(docs): v0.3 redirects fix (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/9929\"\u003e#9929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/e8fbaf3131a8f5715516e50b92490941c7554abb\"\u003e\u003ccode\u003ee8fbaf3\u003c/code\u003e\u003c/a\u003e add core docs redir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/22c28eff1297cfbd1a8189bea9cdf9ad276777a5\"\u003e\u003ccode\u003e22c28ef\u003c/code\u003e\u003c/a\u003e fix(docs): Fix redirects (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/9908\"\u003e#9908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/926dc85e9c9b020a80985c38fdee026d6a2b8bde\"\u003e\u003ccode\u003e926dc85\u003c/code\u003e\u003c/a\u003e x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/dbf05fdc6577bb1e7e1b42d7b9fc293465021140\"\u003e\u003ccode\u003edbf05fd\u003c/code\u003e\u003c/a\u003e fix - sry for spam\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/6854916777fb83547fdfa734e502e379df05fcb5\"\u003e\u003ccode\u003e6854916\u003c/code\u003e\u003c/a\u003e fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/c869f64450dfc7fd1d883416d919533d1276eb6a\"\u003e\u003ccode\u003ec869f64\u003c/code\u003e\u003c/a\u003e add index\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b29d1940d00a5debb59660812637953ffe97fb12\"\u003e\u003ccode\u003eb29d194\u003c/code\u003e\u003c/a\u003e fix output dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3605e971bcee5288cf02316311727aae0985d718\"\u003e\u003ccode\u003e3605e97\u003c/code\u003e\u003c/a\u003e null framework\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/community==0.3.40...@langchain/core==0.3.80\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~hntrl\"\u003ehntrl\u003c/a\u003e, a new releaser for \u003ccode\u003e@​langchain/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.7.9 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.9...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.2 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.2...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.9 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.9...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.2 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://g...\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/openevals/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fopenevals/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"0.3.58","new_version":"0.7.1","update_type":"minor","path":null,"pr_created_at":"2026-05-19T21:02:30.000Z","version_change":"0.3.58 → 0.7.1","issue":{"uuid":"4481023404","node_id":"PR_kwDOPbw1mM7dQJVl","number":86,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-06-06T21:55:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T21:02:30.000Z","updated_at":"2026-06-06T21:55:49.000Z","time_to_close":1558398,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":15,"packages":[{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"hono","old_version":"4.9.1","new_version":"4.12.18","repository_url":"https://github.com/honojs/hono"},{"name":"next","old_version":"16.0.7","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"nuxt","old_version":"4.1.3","new_version":"4.4.6","repository_url":"https://github.com/nuxt/nuxt"},{"name":"axios","old_version":"1.11.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"5.0.6","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"dompurify","old_version":"3.3.0","new_version":"3.4.5","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"fast-uri","old_version":"2.4.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"langsmith","old_version":"0.3.58","new_version":"0.7.1","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [hono](https://github.com/honojs/hono) | `4.9.1` | `4.12.18` |\n| [next](https://github.com/vercel/next.js) | `16.0.7` | `16.2.6` |\n| [nuxt](https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt) | `4.1.3` | `4.4.6` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.15.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `5.0.6` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.0` | `3.4.5` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `2.4.0` | `3.1.2` |\n| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.3.58` | `0.7.1` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.6.0` |\n\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.9.1 to 4.12.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.18\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eCache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage\u003c/h3\u003e\n\u003cp\u003eAffects: Cache Middleware. Fixes missing cache-skip handling for \u003ccode\u003eVary: Authorization\u003c/code\u003e and \u003ccode\u003eVary: Cookie\u003c/code\u003e, where a response cached for one authenticated user could be served to other users. GHSA-p77w-8qqv-26rm\u003c/p\u003e\n\u003ch3\u003eCSS Declaration Injection via Style Object Values in JSX SSR\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes a missing CSS-context escape for \u003ccode\u003estyle\u003c/code\u003e object values and property names, where untrusted input could inject additional CSS declarations. The impact is limited to CSS and does not allow JavaScript execution. GHSA-qp7p-654g-cw7p\u003c/p\u003e\n\u003ch3\u003eImproper validation of NumericDate claims (exp, nbf, iat) in JWT verify()\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/utils/jwt\u003c/code\u003e. Fixes improper validation of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003enbf\u003c/code\u003e, and \u003ccode\u003eiat\u003c/code\u003e claims, where falsy, non-finite, or non-numeric values could silently bypass time-based checks instead of being rejected per RFC 7519. GHSA-hm8q-7f3q-5f36\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use the JWT helper, hono/jsx, or the Cache middleware are strongly encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.17\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jsx): normalize SVG attributes on the \u003c!-- raw HTML omitted --\u003e root element by \u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e by \u003ca href=\"https://github.com/yuintei\"\u003e\u003ccode\u003e@​yuintei\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4899\"\u003ehonojs/hono#4899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cors): make origin optional in CORSOptions by \u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(types): propagate middleware response types to app.on overloads by \u003ca href=\"https://github.com/T4ko0522\"\u003e\u003ccode\u003e@​T4ko0522\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4906\"\u003ehonojs/hono#4906\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kfly8\"\u003e\u003ccode\u003e@​kfly8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4893\"\u003ehonojs/hono#4893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/truffle-dev\"\u003e\u003ccode\u003e@​truffle-dev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4905\"\u003ehonojs/hono#4905\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.16...v4.12.17\"\u003ehttps://github.com/honojs/hono/compare/v4.12.16...v4.12.17\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.16\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eUnvalidated JSX Tag Names in hono/jsx May Allow HTML Injection\u003c/h3\u003e\n\u003cp\u003eAffects: hono/jsx. Fixes missing validation of JSX tag names when using \u003ccode\u003ejsx()\u003c/code\u003e or \u003ccode\u003ecreateElement()\u003c/code\u003e, which could allow HTML injection if untrusted input is used as the tag name. GHSA-69xw-7hcm-h432\u003c/p\u003e\n\u003ch3\u003ebodyLimit() can be bypassed for chunked / unknown-length requests\u003c/h3\u003e\n\u003cp\u003eAffects: Body Limit Middleware. Fixes late enforcement for request bodies without a reliable Content-Length (e.g. chunked requests), where oversized requests could reach handlers and return successful responses before being rejected. GHSA-9vqf-7f2p-gf9v\u003c/p\u003e\n\u003ch2\u003ev4.12.15\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(jwt): support single-line PEM keys by \u003ca href=\"https://github.com/hiendv\"\u003e\u003ccode\u003e@​hiendv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4889\"\u003ehonojs/hono#4889\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f10dee89ced5956b73c1cdc416d6bc0fd54d63b7\"\u003e\u003ccode\u003ef10dee8\u003c/code\u003e\u003c/a\u003e 4.12.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a5bd9ebead279ed9d0239ecbd854f629edfc0e57\"\u003e\u003ccode\u003ea5bd9eb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/58d3d3ad5656e007ed99da1b73865975952de5e9\"\u003e\u003ccode\u003e58d3d3a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/568c2ecc1dd556894fad4dfa4a7ba499db6dba9c\"\u003e\u003ccode\u003e568c2ec\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/ff2b3d31df1be35f7d597a95dd3369402b6e87f2\"\u003e\u003ccode\u003eff2b3d3\u003c/code\u003e\u003c/a\u003e 4.12.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/52aaaf9714b06303ce5caa655b1d80675be687e9\"\u003e\u003ccode\u003e52aaaf9\u003c/code\u003e\u003c/a\u003e fix(types): propagate middleware response types to app.on overloads (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4906\"\u003e#4906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/76d5589e9b0569f4e74ec37e8dd6979455f70dfa\"\u003e\u003ccode\u003e76d5589\u003c/code\u003e\u003c/a\u003e fix(cors): make origin optional in CORSOptions (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4905\"\u003e#4905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/8f027e5574e91e3c7f263a728656e3888559e51a\"\u003e\u003ccode\u003e8f027e5\u003c/code\u003e\u003c/a\u003e fix(ssg): add \u003ccode\u003eatom+xml\u003c/code\u003e and \u003ccode\u003erss+xml\u003c/code\u003e to \u003ccode\u003edefaultExtensionMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4899\"\u003e#4899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/bfba97ca7ea3d4541a3419f1749e5a1a3e8f1727\"\u003e\u003ccode\u003ebfba97c\u003c/code\u003e\u003c/a\u003e fix(jsx): normalize SVG attributes on the \u0026lt;svg\u0026gt; root element (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4893\"\u003e#4893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/90d4182aabd328e2ec6af3f25ec62ddc574ad8cb\"\u003e\u003ccode\u003e90d4182\u003c/code\u003e\u003c/a\u003e 4.12.16\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.9.1...v4.12.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.0.7 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.0.7...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nuxt` from 4.1.3 to 4.4.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nuxt/nuxt/releases\"\u003enuxt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e4.4.6 is the next patch release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003e👉 Changelog\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nuxt/nuxt/compare/v4.4.5...v4.4.6\"\u003ecompare changes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Use spa entry for vite-node fallback (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35037\"\u003e#35037\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Invalidate SSR module cache when modules are invalidated via plugin hooks (\u003ca href=\"https://github.com/nuxt/nuxt/commit/a86657a0e\"\u003ea86657a0e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Match deduplicated \u003ccode\u003eresolveComponent\u003c/code\u003e calls in jsx blocks (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35028\"\u003e#35028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Prefer our own builder/server deps (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35029\"\u003e#35029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Update \u003ccode\u003euseFetch\u003c/code\u003e key even with \u003ccode\u003ewatch: false\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35002\"\u003e#35002\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Mark \u003ccode\u003e@babel/plugin-syntax-typescript\u003c/code\u003e as optional peer dep (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35041\"\u003e#35041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Add json extension to payload cache items (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35043\"\u003e#35043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Handle errors fetching app manifest (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35050\"\u003e#35050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Encode html-significant characters in external redirect body (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35052\"\u003e#35052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Preserve \u003ccode\u003esetPageLayout\u003c/code\u003e props on same-path navigation (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35055\"\u003e#35055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Don't strip buildAssetsDir from vite-node SSR ids (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35040\"\u003e#35040\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Mark \u003ccode\u003euseLoadingIndicator\u003c/code\u003e properties as readonly (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evite:\u003c/strong\u003e Strip queries in css inline styles map (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35067\"\u003e#35067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Validate island request hash matches props (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35077\"\u003e#35077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Use regexp to strip query (\u003ca href=\"https://github.com/nuxt/nuxt/commit/163e18d4b\"\u003e163e18d4b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro:\u003c/strong\u003e Use \u003ccode\u003estatusCode\u003c/code\u003e for nitro v2 compatibility (\u003ca href=\"https://github.com/nuxt/nuxt/commit/952f6841e\"\u003e952f6841e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enitro-server:\u003c/strong\u003e Re-export h3 named symbols statically (\u003ca href=\"https://github.com/nuxt/nuxt/commit/cd99001c8\"\u003ecd99001c8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Render component-less parent routes during client-side nav (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35036\"\u003e#35036\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ekit:\u003c/strong\u003e Respect \u003ccode\u003etsConfig.exclude\u003c/code\u003e in legacy \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35079\"\u003e#35079\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enuxt:\u003c/strong\u003e Run middleware for page islands (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35092\"\u003e#35092\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e💅 Refactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erspack,webpack:\u003c/strong\u003e Extract same-origin check for dev middleware (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35051\"\u003e#35051\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📖 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove CSB, set node 22 and use steps for clarity (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35066\"\u003e#35066\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🏡 Chore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOne more type, one more (\u003ca href=\"https://github.com/nuxt/nuxt/commit/50dcf15bb\"\u003e50dcf15bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unneeded (?) overrides (\u003ca href=\"https://github.com/nuxt/nuxt/commit/6997093af\"\u003e6997093af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse explicit versions for fixture dependencies (\u003ca href=\"https://github.com/nuxt/nuxt/commit/294a734d4\"\u003e294a734d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore link-like syntax in code (\u003ca href=\"https://github.com/nuxt/nuxt/commit/2584a549c\"\u003e2584a549c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow engines.node in test (\u003ca href=\"https://github.com/nuxt/nuxt/commit/5bb17fb47\"\u003e5bb17fb47\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unused import (\u003ca href=\"https://github.com/nuxt/nuxt/commit/a52d78626\"\u003ea52d78626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e✅ Tests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelax relative time assertion (\u003ca href=\"https://github.com/nuxt/nuxt/commit/c3dcd16f9\"\u003ec3dcd16f9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type (\u003ca href=\"https://github.com/nuxt/nuxt/commit/732d844ad\"\u003e732d844ad\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop h3 v2 types (\u003ca href=\"https://github.com/nuxt/nuxt/commit/8286e5fcd\"\u003e8286e5fcd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🤖 CI\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClean up agent-scan workflow (\u003ca href=\"https://github.com/nuxt/nuxt/commit/ab8317547\"\u003eab8317547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eContinue autofix workflow when \u003ccode\u003etest:engines\u003c/code\u003e fails (\u003ca href=\"https://github.com/nuxt/nuxt/commit/3025e561e\"\u003e3025e561e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove workflows (\u003ca href=\"https://redirect.github.com/nuxt/nuxt/pull/35088\"\u003e#35088\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDaniel Roe (\u003ca href=\"https://github.com/danielroe\"\u003e\u003ccode\u003e@​danielroe\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/30a45f7bb206a8373b9183e60eb344891a6f5bb8\"\u003e\u003ccode\u003e30a45f7\u003c/code\u003e\u003c/a\u003e v4.4.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/e881fe84e80d6afa7c55f3f985c996e0d4611220\"\u003e\u003ccode\u003ee881fe8\u003c/code\u003e\u003c/a\u003e fix(nuxt): run middleware for page islands (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35092\"\u003e#35092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/3310097260377d77fbdc46dc54ff97b0d60ca900\"\u003e\u003ccode\u003e3310097\u003c/code\u003e\u003c/a\u003e fix(nuxt): render component-less parent routes during client-side nav (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35036\"\u003e#35036\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/b29f805a23821a139bf826b4c3094accf551dfd6\"\u003e\u003ccode\u003eb29f805\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (4.x) (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35075\"\u003e#35075\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/e9cddf4c7981cf20bbf6f93a99a6b317a8a94884\"\u003e\u003ccode\u003ee9cddf4\u003c/code\u003e\u003c/a\u003e fix(nitro): validate island request hash matches props (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35077\"\u003e#35077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/749972167f68d488df84fc644f06cb6900b1cdab\"\u003e\u003ccode\u003e7499721\u003c/code\u003e\u003c/a\u003e fix(nuxt): mark \u003ccode\u003euseLoadingIndicator\u003c/code\u003e properties as readonly (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/38507a8c1da20183074a2f54bc6ad3308b00aa8c\"\u003e\u003ccode\u003e38507a8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency cssnano to v8 (4.x) (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35038\"\u003e#35038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/5abe6d32d114f647461fd14552c2a49d25c1996a\"\u003e\u003ccode\u003e5abe6d3\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (4.x) (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35046\"\u003e#35046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/4bdd9dd4a1ca999ba4bf16e6e8fc052a3d8d4441\"\u003e\u003ccode\u003e4bdd9dd\u003c/code\u003e\u003c/a\u003e fix(nuxt): preserve \u003ccode\u003esetPageLayout\u003c/code\u003e props on same-path navigation (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35055\"\u003e#35055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nuxt/nuxt/commit/1ca9c4494e7c8b32a79aa2f4031554f932114516\"\u003e\u003ccode\u003e1ca9c44\u003c/code\u003e\u003c/a\u003e fix(nuxt): encode html-significant characters in external redirect body (\u003ca href=\"https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt/issues/35052\"\u003e#35052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nuxt/nuxt/commits/v4.4.6/packages/nuxt\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.11.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 5.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efmt  5a5cc17\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  0b6a978\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v4.0.0...v4.0.1\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v4.0.0...v4.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use string replaces instead of splits (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/64\"\u003e#64\u003c/a\u003e)  278132b\u003c/li\u003e\n\u003cli\u003efmt  dd72a59\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003etea.yaml\u003c/code\u003e  70e4c1b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v3.0.0...v4.0.0\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v3.0.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAs a precaution to not risk breaking anything with 278132b, this is a new semver major release\u003c/p\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 3.x  3059c07\u003c/li\u003e\n\u003cli\u003efmt  8229e6f\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  15f9b3c\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v3.0.0...v3.0.1\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v3.0.0...v3.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to ES Modules and balanced-match 3.0.0 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/62\"\u003e#62\u003c/a\u003e)  c0360e8\u003c/li\u003e\n\u003cli\u003eadded jsdoc (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/55\"\u003e#55\u003c/a\u003e)  68c0e37\u003c/li\u003e\n\u003cli\u003enode 16 is EOL  9e781e9\u003c/li\u003e\n\u003cli\u003eadd standard  3494c4d\u003c/li\u003e\n\u003cli\u003euse const and let (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/57\"\u003e#57\u003c/a\u003e)  dd5a4cb\u003c/li\u003e\n\u003cli\u003edocs  6dad209\u003c/li\u003e\n\u003cli\u003eremove \u003ccode\u003etest\u003c/code\u003e  e3dd8ae\u003c/li\u003e\n\u003cli\u003eci: update node versions  d23ede9\u003c/li\u003e\n\u003cli\u003edocs: add \u003ca href=\"https://github.com/lanodan\"\u003e\u003ccode\u003e@​lanodan\u003c/code\u003e\u003c/a\u003e to contributors  1eb3fa4\u003c/li\u003e\n\u003cli\u003edocs  1e7c9cd\u003c/li\u003e\n\u003cli\u003eswitch from tape to test module (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/60\"\u003e#60\u003c/a\u003e)  2520537\u003c/li\u003e\n\u003cli\u003eBump minimist from 1.2.5 to 1.2.6 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/59\"\u003e#59\u003c/a\u003e)  61a94f1\u003c/li\u003e\n\u003cli\u003eBump path-parse from 1.0.6 to 1.0.7 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/51\"\u003e#51\u003c/a\u003e)  dc741cf\u003c/li\u003e\n\u003cli\u003edocs: add back ci badge  8ee5626\u003c/li\u003e\n\u003cli\u003eAdd github actions, remove travis. Closes \u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/52\"\u003e#52\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/53\"\u003e#53\u003c/a\u003e)  5c8756a\u003c/li\u003e\n\u003cli\u003eCI: Drop unused sudo: false Travis directive (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/50\"\u003e#50\u003c/a\u003e)  05978a7\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v3.0.0\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v3.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/46317b5d8779c151d24f65c9c139cd076f91a1c3\"\u003e\u003ccode\u003e46317b5\u003c/code\u003e\u003c/a\u003e 5.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c0b095bdc52bc4c36dc88deddbadabc49f8371e5\"\u003e\u003ccode\u003ec0b095b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ec5602085a81ca7c954f6780c6a3aef0b1e200cf\"\u003e\u003ccode\u003eec56020\u003c/code\u003e\u003c/a\u003e Bump picomatch from 4.0.3 to 4.0.4 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/87939017c6cb6be56b98c6fa2059b073315cd534\"\u003e\u003ccode\u003e8793901\u003c/code\u003e\u003c/a\u003e 5.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/9a02af5c5c80731fae470cc3218c16876bb25051\"\u003e\u003ccode\u003e9a02af5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a\"\u003e\u003ccode\u003edaa71bc\u003c/code\u003e\u003c/a\u003e Bump tar from 7.5.10 to 7.5.11 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/799e5f7a222b0ea29052090b80fab2125a846543\"\u003e\u003ccode\u003e799e5f7\u003c/code\u003e\u003c/a\u003e Bump tar from 7.5.9 to 7.5.10 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/90\"\u003e#90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/012c230b7f71ca0c43febfa2dc3b710f63f129dd\"\u003e\u003ccode\u003e012c230\u003c/code\u003e\u003c/a\u003e 5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/243c491714270462decf1293b395e0aa6f6c15c4\"\u003e\u003ccode\u003e243c491\u003c/code\u003e\u003c/a\u003e Fix handling of brackets. Closes \u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/87\"\u003e#87\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/609f8588070198ca6ff7132d2f78bbae5c991b93\"\u003e\u003ccode\u003e609f858\u003c/code\u003e\u003c/a\u003e Correct incorrect brace-expansion import (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/89\"\u003e#89\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v5.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.3.2 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2ee...\n\n_Description has been truncated_","html_url":"https://github.com/Sherlock999xxx/voltagent/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sherlock999xxx%2Fvoltagent/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"}},{"old_version":"0.5.26","new_version":"0.6.0","update_type":"minor","path":null,"pr_created_at":"2026-05-19T17:54:57.000Z","version_change":"0.5.26 → 0.6.0","issue":{"uuid":"4479740145","node_id":"PR_kwDOO6zy8c7dL6Cr","number":107,"state":"open","title":"Bump the npm_and_yarn group across 12 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":10,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T17:54:57.000Z","updated_at":"2026-05-19T19:01:07.042Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"axios","old_version":"1.15.1","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"vm2","old_version":"3.11.2","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"},{"name":"langsmith","old_version":"0.5.26","new_version":"0.6.0","repository_url":"https://github.com/langchain-ai/langsmith-sdk"},{"name":"vm2","old_version":"3.11.2","new_version":"3.11.3","repository_url":"https://github.com/patriksimek/vm2"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"protobufjs","old_version":"7.4.0","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"protobufjs","old_version":"7.4.0","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"5.0.6","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"protobufjs","old_version":"7.5.4","new_version":"7.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"5.0.5","repository_url":"https://github.com/juliangruber/brace-expansion"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [axios](https://github.com/axios/axios), [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [vm2](https://github.com/patriksimek/vm2).\nBumps the npm_and_yarn group with 2 updates in the /desktop directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [vm2](https://github.com/patriksimek/vm2).\nBumps the npm_and_yarn group with 1 update in the /docs/sdk/trigger-llms.md/anchor-browser-web-scraper directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/batch-llm-evaluator directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /docs/sdk/trigger-llms.md/building-effective-agents directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/changelog-generator directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/claude-agent-github-wiki directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /docs/sdk/trigger-llms.md/claude-agent-sdk-trigger directory: [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 2 updates in the /docs/sdk/trigger-llms.md/claude-thinking-chatbot directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/shared/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 4 updates in the /web directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk), [vm2](https://github.com/patriksimek/vm2), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html).\nBumps the npm_and_yarn group with 1 update in the /web/.bing-shared/cli directory: [axios](https://github.com/axios/axios).\n\nUpdates `axios` from 1.15.1 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vm2` from 3.11.2 to 3.11.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/releases\"\u003evm2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.11.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — Async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture (RCE)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/blob/main/docs/ATTACKS.md\"\u003e\u003ccode\u003edocs/ATTACKS.md\u003c/code\u003e\u003c/a\u003e updated through Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ehttps://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/blob/main/CHANGELOG.md\"\u003evm2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.11.3]\u003c/h2\u003e\n\u003cp\u003ePatch release — no API changes.\u003c/p\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture. Calling \u003ccode\u003ei.return(thenable)\u003c/code\u003e on an async generator delegating to a no-\u003ccode\u003ereturn\u003c/code\u003e inner iterator let V8's \u003ccode\u003ePromiseResolveThenableJob\u003c/code\u003e capture synchronous throws from the thenable's \u003ccode\u003e.then\u003c/code\u003e and surface them to sandbox code as iterator results — bypassing both the transformer's \u003ccode\u003ecatch\u003c/code\u003e instrumentation and the \u003ccode\u003eglobalPromise.prototype.then\u003c/code\u003e rejection sanitiser. Two-layer defense on \u003ccode\u003e%AsyncGeneratorPrototype%.next/.return/.throw\u003c/code\u003e in \u003ccode\u003elib/setup-sandbox.js\u003c/code\u003e: every iterator-result promise routes value and rejection through \u003ccode\u003ehandleException\u003c/code\u003e, and every thenable argument is replaced with a sandbox-realm wrapper whose \u003ccode\u003e.then\u003c/code\u003e is a fixed \u003ccode\u003esafeThen\u003c/code\u003e that sanitises sync throws and recursively re-wraps any nested thenable handed to \u003ccode\u003eresolve(...)\u003c/code\u003e. When \u003ccode\u003esafeThen\u003c/code\u003e reads \u003ccode\u003evalue.then\u003c/code\u003e and it is non-function, the wrapper always resolves with a \u003ccode\u003e{__proto__: null}\u003c/code\u003e shadow so V8's re-read of \u003ccode\u003e.then\u003c/code\u003e cannot observe attacker-controlled values — closing every counting/self-replacing-getter TOCTOU variant. Trade-off: identity is not preserved for non-thenable values passed to \u003ccode\u003ei.return(x)\u003c/code\u003e. ATTACKS.md Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/commit/093494c0c3ef2390d2e56909f9d56e290e6f18b0\"\u003e\u003ccode\u003e093494c\u003c/code\u003e\u003c/a\u003e fix(GHSA-248r-7h7q-cr24): close async generator yield*-return thenable except...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `langsmith` from 0.5.26 to 0.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/releases\"\u003elangsmith's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(js): bump JS to 0.4.3 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253\"\u003elangchain-ai/langsmith-sdk#2253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: add js prompt caching\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258\"\u003elangchain-ai/langsmith-sdk#2258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Replace UUID5 with deterministic UUID7 for replicas\u0026quot; by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257\"\u003elangchain-ai/langsmith-sdk#2257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(js): bump to 0.4.4 by \u003ca href=\"https://github.com/dqbd\"\u003e\u003ccode\u003e@​dqbd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259\"\u003elangchain-ai/langsmith-sdk#2259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt cache back and setup environment tests by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260\"\u003elangchain-ai/langsmith-sdk#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(python): Bump pydantic to v2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248\"\u003elangchain-ai/langsmith-sdk#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.6.0rc0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(js): Add support for tracing AI SDK 6 by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237\"\u003elangchain-ai/langsmith-sdk#2237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(js): Remove default Jestlike timeout by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243\"\u003elangchain-ai/langsmith-sdk#2243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(js): Add support for tracing tool loop agent by \u003ca href=\"https://github.com/jacoblee93\"\u003e\u003ccode\u003e@​jacoblee93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244\"\u003elangchain-ai/langsmith-sdk#2244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Replace UUID5 with deterministic UUID7 for replicas by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249\"\u003elangchain-ai/langsmith-sdk#2249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add prompt caching to python sdk by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246\"\u003elangchain-ai/langsmith-sdk#2246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add js prompt caching by \u003ca href=\"https://github.com/langchain-infra\"\u003e\u003ccode\u003e@​langchain-infra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251\"\u003elangchain-ai/langsmith-sdk#2251\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(claude): correctly parse llm and tool inputs in claude agent sdk by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255\"\u003elangchain-ai/langsmith-sdk#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump(python): 0.5.2 by \u003ca href=\"https://github.com/angus-langchain\"\u003e\u003ccode\u003e@​angus-langchain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256\"\u003elangchain-ai/langsmith-sdk#2256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\"\u003ehttps://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/langchain-ai/langsmith-sdk/commits/v0.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vm2` from 3.11.2 to 3.11.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/releases\"\u003evm2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.11.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — Async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture (RCE)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/blob/main/docs/ATTACKS.md\"\u003e\u003ccode\u003edocs/ATTACKS.md\u003c/code\u003e\u003c/a\u003e updated through Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ehttps://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patriksimek/vm2/blob/main/CHANGELOG.md\"\u003evm2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.11.3]\u003c/h2\u003e\n\u003cp\u003ePatch release — no API changes.\u003c/p\u003e\n\u003ch3\u003eSecurity fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGHSA-248r-7h7q-cr24\u003c/strong\u003e — async generator \u003ccode\u003eyield*\u003c/code\u003e-return thenable exception capture. Calling \u003ccode\u003ei.return(thenable)\u003c/code\u003e on an async generator delegating to a no-\u003ccode\u003ereturn\u003c/code\u003e inner iterator let V8's \u003ccode\u003ePromiseResolveThenableJob\u003c/code\u003e capture synchronous throws from the thenable's \u003ccode\u003e.then\u003c/code\u003e and surface them to sandbox code as iterator results — bypassing both the transformer's \u003ccode\u003ecatch\u003c/code\u003e instrumentation and the \u003ccode\u003eglobalPromise.prototype.then\u003c/code\u003e rejection sanitiser. Two-layer defense on \u003ccode\u003e%AsyncGeneratorPrototype%.next/.return/.throw\u003c/code\u003e in \u003ccode\u003elib/setup-sandbox.js\u003c/code\u003e: every iterator-result promise routes value and rejection through \u003ccode\u003ehandleException\u003c/code\u003e, and every thenable argument is replaced with a sandbox-realm wrapper whose \u003ccode\u003e.then\u003c/code\u003e is a fixed \u003ccode\u003esafeThen\u003c/code\u003e that sanitises sync throws and recursively re-wraps any nested thenable handed to \u003ccode\u003eresolve(...)\u003c/code\u003e. When \u003ccode\u003esafeThen\u003c/code\u003e reads \u003ccode\u003evalue.then\u003c/code\u003e and it is non-function, the wrapper always resolves with a \u003ccode\u003e{__proto__: null}\u003c/code\u003e shadow so V8's re-read of \u003ccode\u003e.then\u003c/code\u003e cannot observe attacker-controlled values — closing every counting/self-replacing-getter TOCTOU variant. Trade-off: identity is not preserved for non-thenable values passed to \u003ccode\u003ei.return(x)\u003c/code\u003e. ATTACKS.md Category 29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patriksimek/vm2/commit/093494c0c3ef2390d2e56909f9d56e290e6f18b0\"\u003e\u003ccode\u003e093494c\u003c/code\u003e\u003c/a\u003e fix(GHSA-248r-7h7q-cr24): close async generator yield*-return thenable except...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/patriksimek/vm2/compare/v3.11.2...v3.11.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.4.0 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.4.0 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 5.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.5.4 to 7.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.0/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e30c3341382b504a975d0d83f19170218cb461c3\"\u003e\u003ccode\u003ee30c334\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2260\"\u003e#2260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003e\u003ccode\u003ef769242\u003c/code\u003e\u003c/a\u003e feat: Support BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate dependencies across 12 directories to apply security fixes and minor improvements. Notable bumps: `axios` 1.15.2, `vm2` 3.11.3, `langsmith` (desktop 0.6.0, web 0.7.1), `protobufjs` 7.6.0, and `brace-expansion` patches.\n\n- **Dependencies**\n  - `axios` → 1.15.2: Hardens Node HTTP adapter, adds `allowedSocketPaths` (SSRF mitigation), and fixes keep‑alive socket leak.\n  - `vm2` → 3.11.3: Patches RCE vector (GHSA-248r-7h7q-cr24) in async generator thenables.\n  - `langsmith`: Desktop → 0.6.0; Web → 0.7.1. Includes tracing and prompt cache improvements.\n  - `protobufjs` → 7.6.0: Parser/bundler hardening and BigInt conversions.\n  - `brace-expansion` → 2.x/5.x: ReDoS mitigation and related fixes.\n  - `sanitize-html` (web) → 2.17.4: Patch update.\n\n\u003csup\u003eWritten for commit 62a6b73e8a723e057125f5176eac50a1c6ed0f03. Summary will update on new commits. \u003ca href=\"https://cubic.dev/pr/quazfenton/binG/pull/107?utm_source=github\"\u003eReview in cubic\u003c/a\u003e\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/quazfenton/binG/pull/107","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/quazfenton%2FbinG/issues/107","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/107/packages"}}]}